Améliorer la sécurité de nginx dans WebStation
Testé sur le DSM 6.2.2-24922 Update 4
VirtualHost-nginx.mustache
server {
{{#port.http}}
listen {{.}}{{^fqdn}} default_server{{/fqdn}};
listen [::]:{{.}}{{^fqdn}} default_server{{/fqdn}};
{{/port.http}}
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options nosniff;
add_header Cache-Control no-cache;
add_header X-Xss-Protection "1; mode=block" always;
{{#port.https}}
listen {{.}} ssl{{#https.http2}} http2{{/https.http2}}{{^fqdn}} default_server{{/fqdn}};
listen [::]:{{.}} ssl{{#https.http2}} http2{{/https.http2}}{{^fqdn}} default_server{{/fqdn}};
{{/port.https}}
https://observatory.mozilla.org/analyze/ds620slim.synology.me