rudimentary hardening

Author: wurstbrot

nginx/default.conf

@@ -2,8 +2,6 @@ server {
     listen       8080;
     server_name  localhost;
 
-    #access_log  /var/log/nginx/host.access.log  main;
-
     location / {
         root   /usr/share/nginx/html;
         try_files $uri $uri/ /index.html =404;
@@ -17,4 +15,8 @@ server {
     location = /50x.html {
         root   /usr/share/nginx/html;
     }
-}
+    autoindex off;
+    server_tokens off;
+    add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://fonts.gstatic.com;";
+    add_header X-Content-Type-Options nosniff;
+}