Nginx Secure Configuration
Secure Server Configuration Code References Guide
Nginx Server Block Configuration
Learn how to configure secure Nginx blocks, prevent redirect loops, enforce HTTPS redirection, enable HSTS headers, and configure content security policies.
Secure Server Configuration Principles
Security directives configured at the web server layer (Nginx, Apache, or an edge CDN) are the first line of defense against network hijacking and data leakage. Proper redirects eliminate weaknesses such as cleartext HTTP transport, and strict security headers mitigate client-side script injection.
How to apply these configuration snippets
HTTPS Enforced Redirection (301)
Redirect all unencrypted HTTP traffic to HTTPS securely.
server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}
Strict Security Headers Configuration
Protect visitors against XSS, clickjacking, and MIME-type sniffing.
# Add security headers globally
add_header X-Frame-Options "DENY" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
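
The two snippets above placed in one server layout, as an added example that is not part of the original guide. It shows where the headers take effect and how a location-level add_header silently drops them. The certificate paths, web root, /downloads/ location and the snippets/security-headers.conf file name are assumptions.

```nginx
# Added example. snippets/security-headers.conf is a hypothetical file that
# holds the four add_header lines shown above, so they can be reused.

# Port 80: redirect only. Browsers ignore HSTS received over plain HTTP,
# so the security headers belong in the HTTPS blocks below.
server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}

# www over HTTPS: send visitors to the same canonical host as port 80 does.
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate     /etc/ssl/placeholder/fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/ssl/placeholder/privkey.pem;    # placeholder path
    include snippets/security-headers.conf;
    return 301 https://example.com$request_uri;
}

# Canonical HTTPS host: serves content and never redirects to itself,
# which is what keeps the redirects above from looping.
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/ssl/placeholder/fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/ssl/placeholder/privkey.pem;    # placeholder path
    root /var/www/placeholder;                               # placeholder path

    # Server-level headers. "includeSubDomains; preload" in the HSTS value
    # commits every subdomain to HTTPS, so confirm that before preloading.
    include snippets/security-headers.conf;

    location / {
        # No add_header at this level: the server-level headers are inherited.
    }

    location /downloads/ {
        # WEAK: add_header is inherited only when the current level defines
        # none, so this line alone would drop all four security headers.
        # add_header Cache-Control "no-store" always;

        # CORRECTED: repeat the security headers next to the local header.
        include snippets/security-headers.conf;
        add_header Cache-Control "no-store" always;
    }
}
```

Run nginx -t after editing, then confirm with curl -sI against each location that all four headers are present on the HTTPS responses.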