Added X-Frame-Options protection for nginx

2016-04-26 13:24:15 -07:00 · 2016-04-26 13:24:15 -07:00 · 935948fa2b
parent 8548ede638
commit 935948fa2b
1 changed files with 3 additions and 0 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -43,5 +43,8 @@ server {
 	ssl_certificate $SSL_CERTIFICATE;
 	ssl_certificate_key $SSL_KEY;

+	# Add protection against clickjacking attacks by adding an X-Frame-Options
+	add_header X-Frame-Options "SAMEORIGIN";
+
 	# ADDITIONAL DIRECTIVES HERE
 }