Nginx Security Headers Configuration

Security headers are low-effort, high-impact hardening for any web server. Our generator outputs the add_header directives for HSTS, Content-Security-Policy, and other OWASP-recommended headers.


Ready to generate your configuration? Use the tools in the navigation above to create a reverse proxy, static site, or PHP-FPM config in seconds.