Add basic security headers

2024-09-20 15:26:04 +08:00 · 2022-01-13 21:05:16 +01:00 · 2022-01-13 21:05:16 +01:00 · 919fd44ab5
parent 1060472437
commit 919fd44ab5
1 changed files with 15 additions and 1 deletions
--- a/docker/Caddyfile
+++ b/docker/Caddyfile
@ -5,6 +5,20 @@

 # Dashboard
 https://dashboard.NETMAKER_BASE_DOMAIN {
+    # Apply basic security headers
+    header {
+        # Enable HTTP Strict Transport Security (HSTS)
+        Strict-Transport-Security "max-age=31536000;"
+        # Enable cross-site filter (XSS) and tell browser to block detected attacks
+        X-XSS-Protection "1; mode=block"
+        # Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
+        X-Frame-Options "SAMEORIGIN"
+        # Prevent search engines from indexing
+        X-Robots-Tag "none"
+        # Remove the server name
+        -Server
+    }
+
    reverse_proxy http://127.0.0.1:8082
 }

@ -16,4 +30,4 @@ https://api.NETMAKER_BASE_DOMAIN {
 # gRPC
 https://grpc.NETMAKER_BASE_DOMAIN {
    reverse_proxy h2c://127.0.0.1:50051
-}
+}