lucid's wiki

User Tools

Site Tools

You are here: start » webapps » nitter
webapps:nitter

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
webapps:nitter [2021/03/06 03:26] lucidwebapps:nitter [2021/06/18 16:36] (current) – external edit 127.0.0.1
Line 14: Line 14:
  
 ====Configure Nginx==== ====Configure Nginx====
 +This configuration will obtain an A+ on Qualy's SSL Labs and Mozilla Observatory.
 +
   sudo vim /etc/nginx/conf.d/nitter.placeholder.domain.conf   sudo vim /etc/nginx/conf.d/nitter.placeholder.domain.conf
 <code> <code>
Line 32: Line 34:
     ssl_ecdh_curve secp384r1;     ssl_ecdh_curve secp384r1;
     ssl_session_tickets off;     ssl_session_tickets off;
-    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:AES256+EECDH:AES256+EDH:!aNULL';+    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:AES256+EECDH:AES256+EDH:!SHA1:!SHA256:!SHA384:!aNULL';
     ssl_prefer_server_ciphers on;     ssl_prefer_server_ciphers on;
     ssl_protocols TLSv1.3 TLSv1.2;     ssl_protocols TLSv1.3 TLSv1.2;
Line 47: Line 49:
     add_header X-Robots-Tag "none" always;     add_header X-Robots-Tag "none" always;
     add_header X-XSS-Protection "1; mode=block" always;     add_header X-XSS-Protection "1; mode=block" always;
-    add_header Content-Security-Policy "default-src 'self';" always;+    add_header Content-Security-Policy "default-src 'self' 'inline-unsafescript-src 'self' 'inline-unsafe'" always;
  
     location / {     location / {
webapps/nitter.1615001189.txt.gz · Last modified: 2021/06/18 16:36 (external edit)