Nginx Headers Explained: The Most Important Ones
Nginx Headers Explained: The Most Important Ones HTTP headers are metadata exchanged between a client and a server. In Nginx, headers can be added, modified, or removed with: add_header <name> <value> [always]; Key Nginx Headers 1. Content-Security-Policy (CSP) Restricts which resources (JS, CSS, images) can be loaded. Example: add_header Content-Security-Policy "default-src 'self';"; 2. X-Frame-Options Prevents clickjacking by blocking iframes. add_header X-Frame-Options "SAMEORIGIN"; 3. X-Content-Type-Options Stops MIME type sniffing. add_header X-Content-Type-Options "nosniff"; 4. Strict-Transport-Security (HSTS) Forces HTTPS connections. ...