gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity

Fix rebase artifacts

This commit is contained in:
Léo Colombaro 2019-05-16 00:16:13 +02:00
parent 67c54c53f1
commit d7fc6c362d
No known key found for this signature in database
GPG Key ID: 687B480A6D4F735F
4 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
h5bp/internet_explorer/x-ua-compatible.conf
View File

@ -8,9 +8,9 @@
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to consider
# enabling `Enterprise Mode` throughout your company.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# https://blogs.msdn.microsoft.com/ie/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11/

8
h5bp/location/security_file_access.conf
View File

@ -31,10 +31,10 @@ location ~* /\.(?!well-known\/) {
# https://feross.org/cmsploit/
#
# (!) Update the `location` regular expression from below to include any files
# that might end up on your production server and can expose sensitive
# information about your website. These files may include: configuration files,
# files that contain metadata about the project (e.g.: project dependencies),
# build scripts, etc..
# that might end up on your production server and can expose sensitive
# information about your website. These files may include: configuration
# files, files that contain metadata about the project (e.g.: project
# dependencies, build scripts, etc.).
location ~* (?:#.*#|\.(?:bak|conf|dist|fla|in[ci]|log|orig|psd|sh|sql|sw[op])|~)$ {
deny all;

10
h5bp/security/strict-transport-security.conf
View File

@ -13,13 +13,13 @@
# via HTTPS, regardless of what the users type in the browser's address bar.
#
# (!) Be aware that this, once published, is not revokable and you must ensure
# being able to serve the site via SSL for the duration you've specified
# in max-age. When you don't have a valid SSL connection (anymore) your
# visitors will see a nasty error message even when attempting to connect
# via simple HTTP.
# being able to serve the site via SSL for the duration you've specified
# in max-age. When you don't have a valid SSL connection (anymore) your
# visitors will see a nasty error message even when attempting to connect
# via simple HTTP.
#
# (!) Remove the `includeSubDomains` optional directive if the website's
# subdomains are not using HTTPS.
# subdomains are not using HTTPS.
#
# (1) If you want to submit your site for HSTS preload (2) you must
# * ensure the `includeSubDomains` directive to be present

2
h5bp/security/x-xss-protection.conf
View File

@ -1,5 +1,5 @@
# ----------------------------------------------------------------------
# | Reflected Cross-Site Scripting (XSS) attacks |
# | Cross-Site Scripting (XSS) Protection |
# ----------------------------------------------------------------------
# Protect website reflected Cross-Site Scripting (XSS) attacks.