danidorado commented on issue #1749:
URL:
https://github.com/apache/incubator-pagespeed-ngx/issues/1749#issuecomment-1169887277
This is what i typically have inside a server block for a particular domain
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_intercept_errors off;
fastcgi_param SCRIPT_FILENAME
/var/www/wordpress$fastcgi_script_name;
#NGINX FASTCGI-CACHE-HEADERS
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache phpcache;
fastcgi_cache_valid 200 301 302 7d;
add_header X-FastCGI-Cache $upstream_cache_status;
#SECURITY HEADERS
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000;
includeSubDomains; preload";
add_header X-XSS-Protection "1; mode=block" always;
fastcgi_hide_header X-Powered-By;
proxy_pass_header Server;
add_header Referrer-Policy "no-referrer-when-downgrade";
#add_header Content-Security-Policy "default-src 'self' https: data:
'unsafe-inline' 'unsafe-eval';" always;
}
location ~*
\.(?:ico|css|js|gif|jpe?g|png|jpg|woff|woff2|ttf|mp4|mov|ogg)$ {
expires 366d;
#expires 1s;
add_header Pragma public;
add_header Cache-Control "public, max-age=31536000";
access_log off;
log_not_found off;
}
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@pagespeed.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
