From 46be23acf3495486a16513d87cf85414ee6b29c6 Mon Sep 17 00:00:00 2001
From: Edwin Lyon <53972157+practical-engelbart@users.noreply.github.com>
Date: Sat, 31 Oct 2020 21:39:54 -0700
Subject: [PATCH] Update mailcow.conf

---
 nginx/mailcow.conf | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/nginx/mailcow.conf b/nginx/mailcow.conf
index 0d586d2..a16ab42 100644
--- a/nginx/mailcow.conf
+++ b/nginx/mailcow.conf
@@ -53,9 +53,12 @@ server {
   ssl_dhparam /opt/mailcow-dockerized/data/assets/ssl/dhparams.pem;
 
   include /etc/nginx/snippets/ssl.conf;
-  ssl_trusted_certificate /opt/mailcow-dockerized/data/assets/ssl/chain.pem;
+  ssl_trusted_certificate /opt/mailcow-dockerized/data/assets/ssl/cert.pem;
 
-  include /etc/nginx/snippets/headers.conf;
+  add_header X-XSS-Protection "1; mode=block";
+  add_header Referrer-Policy "strict-origin";
+  add_header Content-Security-Policy "upgrade-insecure-requests";
+  add_header Strict-Transport-Security "max-age=31536000";  
   include /etc/nginx/snippets/letsencrypt.conf;
 
   location / {