gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity

Improve wording and file headers

This commit is contained in:
Léo Colombaro 2019-05-15 18:26:04 +02:00
parent 282d979af4
commit 0a6c880be0
No known key found for this signature in database
GPG Key ID: 687B480A6D4F735F
5 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
h5bp/security/x-content-type-options.conf
View File

@ -1,5 +1,5 @@
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# | Reducing MIME type security risks | # | Content Type Options |
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# Prevent some browsers from MIME-sniffing the response. # Prevent some browsers from MIME-sniffing the response.

2
h5bp/security/x-frame-options.conf
View File

@ -1,5 +1,5 @@
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# | Clickjacking | # | Frame Options |
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# Protect website against clickjacking. # Protect website against clickjacking.

4
h5bp/security/x-xss-protection.conf
View File

@ -1,7 +1,9 @@
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# | Reflected Cross-Site Scripting (XSS) attacks | # | Cross-Site Scripting (XSS) Protection |
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# Protect website reflected Cross-Site Scripting (XSS) attacks.
#
# (1) Try to re-enable the cross-site scripting (XSS) filter built # (1) Try to re-enable the cross-site scripting (XSS) filter built
# into most web browsers. # into most web browsers.
# #

4
h5bp/ssl/policy_intermediate.conf
View File

@ -5,9 +5,9 @@
# For services that don't need backward compatibility, the parameters # For services that don't need backward compatibility, the parameters
# below provide a higher level of security. # below provide a higher level of security.
# #
# (!) This policy enfore a strong SSL configuration, which may raise # (!) This policy enforces a strong SSL configuration, which may raise
# errors with old clients. # errors with old clients.
# If a more compatible profile is required, use intermediate policy. # If a more compatible profile is required, use the intermediate policy.
# #
# (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known # (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known
# to be weak and potentially vulnerable but are required to support # to be weak and potentially vulnerable but are required to support

3
h5bp/ssl/policy_modern.conf
View File

@ -3,7 +3,8 @@
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
# For services that want to be on the bleeding edge, the parameters # For services that want to be on the bleeding edge, the parameters
# below sacrifice compatibility for the highest level of security & performance # below sacrifice compatibility for the highest level of security
# and performance.
# #
# (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1 # (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
# to be installed. # to be installed.