hardened nginx

author: schererleander <leander@schererleander.de> 2025-05-30 06:34:32 +0200
committer: schererleander <leander@schererleander.de> 2025-05-30 06:34:32 +0200
commit: 8e3413aeeec468d0ff4ebf1b595d0abef468de0e (patch)
tree: f59f29920f695a73a7c4e937eeaa31b3f733910a /hosts/vps
parent: 82ce430ecd75ce899beb4c700e3e0c78c8407637 (diff)
1 files changed, 1 insertions, 10 deletions
diff --git a/hosts/vps/configuration.nix b/hosts/vps/configuration.nix
index 3e5f929..37600cf 100644
--- a/hosts/vps/configuration.nix
+++ b/hosts/vps/configuration.nix
@@ -56,16 +56,7 @@
           https   "max-age=31536000; includeSubdomains; preload";
       }
       add_header Strict-Transport-Security $hsts_header;
-      add_header Content-Security-Policy
-      "default-src 'self'; \
-       script-src 'self'; \
-       style-src 'self'; \
-       img-src 'self' data:; \
-       font-src 'self'; \
-       connect-src 'self'; \
-       object-src 'none'; \
-       frame-ancestors 'none'; \
-       base-uri 'self';";
+      #add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'self';" always;
       add_header 'Referrer-Policy' 'same-origin';
       add_header X-Frame-Options DENY;
       add_header X-Content-Type-Options nosniff;
author	schererleander <leander@schererleander.de>	2025-05-30 06:34:32 +0200
committer	schererleander <leander@schererleander.de>	2025-05-30 06:34:32 +0200
commit	8e3413aeeec468d0ff4ebf1b595d0abef468de0e (patch)
tree	f59f29920f695a73a7c4e937eeaa31b3f733910a /hosts/vps
parent	82ce430ecd75ce899beb4c700e3e0c78c8407637 (diff)