-
Notifications
You must be signed in to change notification settings - Fork 8
/
nginx.conf
31 lines (26 loc) · 1.07 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Content-Type-Options "nosniff";
add_header Content-Security-Policy "object-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'; style-src 'sha256-AXbH1M2cKtoww1nExN6V4uFCB0/4cBXXoftPGP70hjk='; script-src 'sha256-AfHB/yZdM1LiSJzDQKv0mdzXeQMZGsWQiTxLhsdPkOk=' 'self'";
add_header Cache-Control "public";
if ($host ~ ^www\.(?<domain>.+)$) {
return 301 $scheme:https://$domain$request_uri;
}
location = / {
if ($http_accept_language ~* 'ru') {
rewrite (.*) https://$http_host/ru$1 last;
}
if ($http_accept_language ~* 'es') {
rewrite (.*) https://$http_host/es$1 last;
}
rewrite (.*) https://$http_host/en$1 last;
}
if (-d $request_filename) {
rewrite [^/]$ https://$http_host$uri/ permanent;
}
location ~* "(photo\..*\.jpg|\.js|\.png|\.webp|\.avif)$" {
add_header X-Content-Type-Options "nosniff";
add_header Cache-Control "public, max-age=31536000, immutable";
}
location ~* "(\.jpg|\.png|\.webp|\.ico|\.avif)$" {
add_header Content-Security-Policy "";
}