Add security headers to nginx configuration for enhanced protection

2026-03-22 02:57:13 -04:00
parent deeb70ba0d
commit efc3a88052
1 changed files with 9 additions and 0 deletions
--- a/web/client/nginx.conf
+++ b/web/client/nginx.conf
@@ -9,6 +9,15 @@ server {
    root /usr/share/nginx/html;
    index index.html;

+    server_tokens off;
+
+    # Security headers
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-Frame-Options "DENY" always;
+    add_header X-XSS-Protection "0" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
+
    # Serve static files, fallback to index.html for SPA routing
    location / {
        try_files $uri $uri/ /index.html;