Home > Net >  How to add content-security-policy to nginx ingress controller in eks
How to add content-security-policy to nginx ingress controller in eks

Time:08-24

I have deployed an nginx ingress controller in my eks cluster. I want to add more security to my nginx deployment i.e add content-security-policy header and the below

X-Frame-Options: 
Content-Security-Policy:
X-Content-Type-Options: 
X-XSS-Protection:

Is there any document i can follow to do it. please help.

I added in the configmap and turns out it didn't help as well.

Thanks

CodePudding user response:

you can try this

ingress:
  enabled: true
  annotations:
     kubernetes.io/ingress.class: nginx
     nginx.ingress.kubernetes.io/configuration-snippet: |
        more_set_headers "X-Frame-Options: Deny";
        more_set_headers "X-Xss-Protection: 1; mode=block";
        more_set_headers "X-Content-Type-Options: nosniff";
        more_clear_headers "Cache-Control";
        more_set_headers "Cache-Control: must-revalidate";  
        proxy_set_header l5d-dst-override

Here is the list of all nginx-configuration-annotations

This fixes my issue and verifies it using zaproxy

Page link:https//www.codepudding.com/net/520670.html

Prev:How decryption is done in NGINX when SSL offloaded to GCP Cloud KMS?
Next:nginx host admin in another php container
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding