feat: add security headers middleware and clean up ingress configuration

Co-authored-by: aider (openai/qwen2.5-coder:32b) <aider@aider.chat>
2026-01-17 22:25:42 +01:00
parent 10abee3441
commit 897824716d
1 changed files with 13 additions and 0 deletions
--- a/virtualinsanity/wordpress-security-headers-middleware.yaml
+++ b/virtualinsanity/wordpress-security-headers-middleware.yaml
@@ -0,0 +1,13 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: wordpress-security-headers
+  namespace: wordpress
+spec:
+  headers:
+    customResponseHeaders:
+      X-Content-Type-Options: nosniff
+      X-Frame-Options: SAMEORIGIN
+      X-XSS-Protection: "1; mode=block"
+      Referrer-Policy: no-referrer-when-downgrade
+      Content-Security-Policy: default-src 'self'