Posts

Showing posts with the label Nginx

Nginx with Naked Domains

This right I'm going naked on everything! Non-www and everything lowercase. Just to simplify my urls. If you couldn't write it out naturally or if it takes too long then I avoid making it a path. Special cases like unique guid url parameters being the exception. For the sites that have a ton parameters this its understandable but for the domains this rule really should be applied. In some cases might say the path is up to the application however if the framework doesn't handle this is a fall back.

https://superuser.com/questions/432674/nginx-remove-www-from-httpshttps://www.digitalocean.com/community/tutorials/how-to-redirect-www-to-non-www-with-nginx-on-ubuntu-14-04http://nginx.org/en/docs/http/server_names.html

Content Security Policy & Best Practices

Image
This article is mostly on configuration with nginx and maybe a little on IIS.



Notes:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSPhttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestorshttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestorshttps://csp-evaluator.withgoogle.comhttps://securityheaders.io/

Nginx Best Practices Extended