^ I was heading out to lunch when I wrote that sorry.
But if I go to the website itself (under construction) it shows multiple duplicate headers including CSP which breaks a lot of stuff. (On both Firefox and Chrome dev tools…displays something like this, notice all the duplicates)
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 May 2020 20:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self';: font-src 'self';: img-src 'self';: style-src 'self';: :
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline'
Content-Language: en
Cache-Control: no-cache, must-revalidate, stale-while-revalidate, max-age=0, private, no-transform
Pragma: no-cache
Expires: 0
Here’s a copy of my custom.conf:
server {
listen 80;
root /var/www/html/xxx;
index index.php index.html index.htm index.nginx-debian.html;
server_name xxx;
add_header Content-Security-Policy "
default-src 'self';
font-src 'self';
img-src 'self';
style-src 'self';
";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options DENY;
fastcgi_pass_request_headers on;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Anyone? Anything? Bueller? Lol. :/
I think it’s about time to get back to shared hosting lol.