Lago/mc_cars_gmbh_infraestructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update nginx configuration for caching, gzip compression, security headers, and error handling

Browse Source
This commit is contained in:
Lago
2026-05-09 23:37:22 +02:00
parent 8f5ea34e8b
commit 9de88a5459
1 changed files with 39 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files
frontend/nginx.conf
+39 -39
View File
@@ -22,45 +22,45 @@ server {
} }
location ~* \.(?:css|js)$ { location ~* \.(?:css|js)$ {
add_header Cache-Control "no-cache"; add_header Cache-Control "no-cache";
# SEO files - cache for 1 week
location = /robots.txt {
add_header Cache-Control "public, max-age=604800";
try_files $uri =404;
}
location = /sitemap.xml {
add_header Cache-Control "public, max-age=604800";
add_header Content-Type "application/xml";
try_files $uri =404;
}
# Enable gzip compression for text-based content
gzip on;
gzip_types text/plain text/css text/xml text/javascript application/xml application/rss+xml application/javascript application/json;
gzip_min_length 1000;
gzip_comp_level 5;
gzip_vary on;
gzip_disable "msie6";
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Content Security Policy - permissive for dynamic content
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://esm.sh https://fonts.googleapis.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self';" always;
# Permissions policy (formerly Feature Policy)
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" always;
# Performance: Enable HTTP Keep-Alive
keepalive_timeout 65;
keepalive_requests 100;
# Error pages
error_page 404 /index.html;
error_page 500 502 503 504 /index.html;
try_files $uri =404; try_files $uri =404;
} }
# SEO files - cache for 1 week
location = /robots.txt {
add_header Cache-Control "public, max-age=604800";
try_files $uri =404;
}
location = /sitemap.xml {
add_header Cache-Control "public, max-age=604800";
add_header Content-Type "application/xml";
try_files $uri =404;
}
# Enable gzip compression for text-based content
gzip on;
gzip_types text/plain text/css text/xml text/javascript application/xml application/rss+xml application/javascript application/json;
gzip_min_length 1000;
gzip_comp_level 5;
gzip_vary on;
gzip_disable "msie6";
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Content Security Policy - permissive for dynamic content
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://esm.sh https://fonts.googleapis.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'self';" always;
# Permissions policy (formerly Feature Policy)
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" always;
# Performance: Enable HTTP Keep-Alive
keepalive_timeout 65;
keepalive_requests 100;
# Error pages
error_page 404 /index.html;
error_page 500 502 503 504 /index.html;
} }