Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx security #195

Merged
merged 2 commits into from
Nov 15, 2023
Merged

Nginx security #195

merged 2 commits into from
Nov 15, 2023

Commits on Nov 14, 2023

  1. fix: abnormal exit from script if secret not yet created

    @phantomjinx
    phantomjinx committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    8ba8d41 View commit details
    Browse the repository at this point in the history

  2. HAWNG-265: Adds security hardening config to nginx server 

    * Limits connections by IP address to 75

* Explicitly configures keepalive timeout to 60s

* Turns off server version being advertised by network responses

* Only allows GET, HEAD and POST requests

* Prevent click-jacking by injecting the X-Frame-Options header

* Sets the ssl protocols explicitly

* Ensures all locations end with a /
    @phantomjinx
    phantomjinx committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    6e10af3 View commit details
    Browse the repository at this point in the history