nginx can be started by adding add_header, but it does not take effect and no error is reported
The configuration is as follows:
server {
listen 80;
server_name localhost;
server_tokens off;
#access_log logs/host.access.log main;
location / {
add_header X-Frame-Options 'SAMEORIGIN'; # 只允许本站用 frame 来嵌套
add_header X-XSS-Protection '1; mode=block'; # XSS 保护
add_header X-Content-Type-Options 'nosniff';#响应头可以禁用浏览器的类型猜测行为
root /mnt/hexo-auto-deploy/hexo/public;
index index.html index.htm;
}
location ~.*\.(js|css)?$ {
access_log off;
expires 1h;
}
location ~* ^.+\.(eot|ttf|otf|woff|woff2|svg)$ {
access_log off;
expires max;
}
It’s useless to try to put add_header in various places, I give up
The host is ecs ubuntu nginx version 1.13.0
I tested nginx -t and it said it was right, it was lost in the download
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
From the configuration you posted, it seems that there is no problem with the configuration.
The problem may lie in the inheritance feature of
add_header.If a location does not have the
add_headerinstruction, it will inherit theadd_headerconfigured by the upper level. If it is written, it will completely overwrite the upper leveladd_header.Have you written additional configurations like
location ~ .(html|htm)?$and used theadd_headerdirective in it?This will overwrite the
add_headerinlocation/.Another suggestion: put the
rootandindexinstructions in the server block. If there are no special needs, you can also putadd_headerin the server block.Supplement:
To modify the header information of static resources, you need to use
CTRL + F5to refresh.In addition, if you use a CDN, you must also clear the cache on the CDN.
Or, use
/index.html?ver= 1can also be used to bypass the cache.