17 lines
628 B
YAML
17 lines
628 B
YAML
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: wordpress-security-headers
|
|
namespace: wordpress
|
|
spec:
|
|
headers:
|
|
customResponseHeaders:
|
|
X-Frame-Options: "DENY"
|
|
X-Content-Type-Options: "nosniff"
|
|
X-XSS-Protection: "1; mode=block"
|
|
X-Powered-By: "" # Removes the X-Powered-By header
|
|
# HSTS (Strict-Transport-Security) is often configured at the IngressRoute level or with a dedicated HSTS middleware.
|
|
# For simplicity, I'm keeping it commented out here but it can be added if needed.
|
|
# stsSeconds: 31536000 # 1 year
|
|
# stsIncludeSubdomains: true
|
|
# stsPreload: true |