# Security headers middleware and TLS options # Drop additional dynamic config files in this directory as needed http: middlewares: security-headers: headers: browserXssFilter: true contentTypeNosniff: true frameDeny: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 31536000 customFrameOptionsValue: "SAMEORIGIN" customResponseHeaders: X-Robots-Tag: "noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex" server: "" X-Forwarded-Proto: "https" tls: options: default: minVersion: VersionTLS12 cipherSuites: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256