i have allways liked nginx over apache2 so i would recomend that u use this here is some common trix for nginx.conf:


server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "default-src 'self' website;

