-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathnginx.conf
50 lines (41 loc) · 1.26 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
worker_processes 4;
events { worker_connections 1024; }
http {
include mime.types;
server {
listen 80;
server_name localhost;
charset utf-8;
root /app;
index index.html;
location ~* \.(?:css|js)$ {
try_files $uri /index.html;
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# Any route containing a file extension (e.g. /devicesfile.js)
location ~ ^.+\..+$ {
try_files $uri /index.html;
}
# Any route that doesn't have a file extension (e.g. /devices)
location / {
if ( $uri = '/index.html' ) {
add_header Cache-Control no-store always;
}
try_files $uri $uri/ /index.html;
}
# ----------------
# SECURITY HEADERS
# ----------------
add_header "Referrer-Policy" "strict-origin";
# don't send the nginx version number in error pages and Server header
server_tokens off;
add_header "Strict-Transport-Security" "max-age=31536000";
add_header "X-XSS-Protection" "1; mode=block";
add_header "X-Content-Type-Options" "nosniff" always;
add_header "X-Frame-Options" "DENY" always;
add_header "X-Content-Type-Options" "nosniff";
add_header "X-Permitted-Cross-Domain-Policies" "master-only";
}
}