GitHub

ngx_http_security_headers_module

Running curl -IL https://example.com/ will yield the added security headers: HTTP/1.1 200 OK Server: nginx Date: Tue, 21 May 2019 16:15:46 GMT Content-Type: text/html ...
GitHub

HanadaLee/ngx_http_security_headers_module

If you are not sure if you have or will have a need to access your websites or any of its subdomains over plain insecure HTTP protocol, ensure security_headers_hsts_preload off; in your config before ...