Hugging Face's logo

Spaces:
Supertbot
/
xia
Running

App Files Community
echo8900 commited on
Commit
bc29593
·
verified ·
1 Parent(s): 5c4057b

Update nginx.conf

Browse files
Files changed (1) hide show
  1. nginx.conf +19 -12
nginx.conf CHANGED
@@ -1,28 +1,35 @@
1
  server {
2
  listen 7860;
3
  server_name _;
4
-
5
  access_log /dev/stdout;
6
  error_log /dev/stderr warn;
7
 
 
 
 
 
 
 
 
 
 
 
 
8
  location / {
9
  proxy_pass http://127.0.0.1:18789;
10
  proxy_http_version 1.1;
11
-
12
  proxy_set_header Upgrade $http_upgrade;
13
  proxy_set_header Connection "upgrade";
14
-
15
- proxy_set_header Host $host;
16
- proxy_set_header X-Real-IP $remote_addr;
17
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
18
  proxy_set_header X-Forwarded-Proto https;
19
- proxy_set_header X-Forwarded-Host $host;
20
-
21
- proxy_read_timeout 86400s;
22
- proxy_send_timeout 86400s;
23
  proxy_connect_timeout 75s;
24
-
25
  proxy_buffering off;
26
- proxy_cache off;
27
  }
28
  }
 
1
  server {
2
  listen 7860;
3
  server_name _;
 
4
  access_log /dev/stdout;
5
  error_log /dev/stderr warn;
6
 
7
+ add_header X-Content-Type-Options "nosniff" always;
8
+ add_header X-Frame-Options "DENY" always;
9
+ add_header Referrer-Policy "strict-origin-when-cross-origin" always;
10
+ add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; connect-src 'self' https: wss:; frame-ancestors 'none';" always;
11
+
12
+ location ~ ^/(app|data|\.git|\.env|\.openclaw|node_modules|tmp)/ {
13
+ return 403;
14
+ }
15
+
16
+ client_max_body_size 10m;
17
+
18
  location / {
19
  proxy_pass http://127.0.0.1:18789;
20
  proxy_http_version 1.1;
 
21
  proxy_set_header Upgrade $http_upgrade;
22
  proxy_set_header Connection "upgrade";
23
+ proxy_set_header Host $host;
24
+ proxy_set_header X-Real-IP $remote_addr;
25
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
26
  proxy_set_header X-Forwarded-Proto https;
27
+ proxy_set_header X-Forwarded-Host $host;
28
+
29
+ proxy_read_timeout 86400s;
30
+ proxy_send_timeout 86400s;
31
  proxy_connect_timeout 75s;
 
32
  proxy_buffering off;
33
+ proxy_cache off;
34
  }
35
  }