diff --git a/coolify-manual-nginx.conf b/coolify-manual-nginx.conf
index 9f48750..2e1842f 100644
--- a/coolify-manual-nginx.conf
+++ b/coolify-manual-nginx.conf
@@ -3,14 +3,14 @@
 # This replaces the entire server block content
 server {
- # Security Headers
- add_header X-Content-Type-Options nosniff always;
- add_header X-Frame-Options DENY always;
+ # Enhanced Security Headers - Matching HTML meta tags
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header X-Frame-Options "DENY" always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.bunny.net; font-src 'self' https://fonts.bunny.net; connect-src 'self'; script-src 'self'; img-src 'self' data:; object-src 'none'; base-uri 'self'; form-action 'self';" always;
- add_header X-Permitted-Cross-Domain-Policies none always;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ add_header X-Permitted-Cross-Domain-Policies "none" always;
 # Hide nginx version
 server_tokens off;
diff --git a/index.html b/index.html
index 66296a8..18e651d 100644
--- a/index.html
+++ b/index.html
@@ -7,7 +7,9 @@ + + Chemex Pour-Over Guide
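Review bot: The `preload` token added to Strict-Transport-Security in the coolify-manual-nginx.conf hunk is a long-lived commitment that the change does not document: together with `includeSubDomains` it requires every subdomain of the site to serve HTTPS, and once a domain is on browser preload lists, removal takes a long time to reach users. If that has not been confirmed, keep the previous value, `add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;`, or add a comment such as `# preload: all subdomains must serve HTTPS; removal from preload lists is slow`. The new comment "Matching HTML meta tags" may also mislead, since browsers ignore X-Frame-Options and HSTS delivered through HTML meta elements; `# Security headers (authoritative; X-Frame-Options and HSTS only work as response headers)` would say so. The server block continues outside the hunk, so whether any `location` defines its own `add_header`, which would stop these server-level headers from being inherited there, cannot be checked from here.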