eliarms
diff --git a/‎nginx/conf.d/default.conf‎
Lines changed: 11 additions & 0 deletions b/‎nginx/conf.d/default.conf‎
Lines changed: 11 additions & 0 deletions
@@ -1,3 +1,9 @@
+add_header X-XSS-Protection "1; mode=block";
+add_header X-Frame-Options "SAMEORIGIN";
+add_header X-Content-Type-Options nosniff;
+add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+add_header 'Referrer-Policy' 'no-referrer-when-downgrade';
+
 server {
  listen 80;
  listen [::]:80;
@@ -23,4 +29,9 @@ server {
  proxy_set_header X-Forwarded-Proto https;
  proxy_pass http://ghost:2368;
  }
+ if ($request_method !~ ^(GET|HEAD|POST)$ )
+ {
+ return 405;
+ }
+
 }