nginx.conf

server {
  listen       80;
  server_name  localhost;
  root   /usr/share/nginx/html;

  # Enables response header of "Vary: Accept-Encoding"
  gzip_vary on;

  location / {
    try_files $uri $uri/ /index.html;
    # X-Frame-Options is to prevent from clickJacking attack
    add_header X-Frame-Options SAMEORIGIN;
    # disable content-type sniffing on some browsers.
    add_header X-Content-Type-Options nosniff;
    # This header enables the Cross-site scripting (XSS) filter
    add_header X-XSS-Protection "1; mode=block";
    # This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    add_header Referrer-Policy "no-referrer-when-downgrade";
    add_header Cache-Control "no-store, no-cache, must-revalidate";
  }
}