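# Security response headers for this site.
# NOTE(review): no Content-Security-Policy or Permissions-Policy is set in this
# block; CSP is the current replacement for the legacy XSS-filter header below.
header {
	# HSTS: browsers that have seen this will use HTTPS only for one year
	# (max-age in seconds). `includeSubDomains` and `preload` are deliberately
	# not set here; add them only once every subdomain is served over HTTPS,
	# because the policy is cached client-side for the full max-age.
	Strict-Transport-Security max-age=31536000

	# Refuse to be embedded in any frame (clickjacking defence).
	X-Frame-Options DENY

	# Legacy XSS-filter switch. The previous value "1; mode=block" is
	# deprecated: current browsers have removed the auditor, and in older
	# ones the filter itself could be abused, so present guidance (OWASP,
	# MDN) is to disable it and rely on Content-Security-Policy instead.
	X-XSS-Protection 0

	# Stop the browser from sniffing a different content type than declared.
	X-Content-Type-Options nosniff

	# Referrer: full URL same-origin, origin only cross-origin over the same
	# scheme, nothing on an HTTPS -> HTTP downgrade.
	Referrer-Policy strict-origin-when-cross-origin
}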