Adding headers to a custom conf file

Hello there, trying to add headers to Nginx, this happened to me:

  1. In some forum posts, I read that it is possible to add headers here:

$HOMEDIR/$user/conf/web/$domain/nginx.conf_hsts_custom

So I created the nginx.conf_hsts_custom file and put in a couple of headers, checked with “nginx -t” and then restarted nginx.

But when I checked, those headers were not sent to the browser.

  1. Then I tried this: I deleted the custom file I had created before (nginx.conf_hsts_custom) and added the headers to the file

$HOMEDIR/$user/conf/web/$domain/nginx.hsts.conf

(the conf file that Hestia creates when we activate HSTS)

I checked with “nginx -t” and then restarted nginx.

By doing it this way, everything works ok and the headers are sent to the browser.

My doubts are:

a) Why doesn’t the custom: nginx.conf_hsts_custom file works?

b) I’m not sure, but I think it is not appropriate to make customizations in “nginx.hsts.conf”, rigth? (It is possible that when HestiaCP updates, then the “nginx.hsts.conf” file it will lose those additions)

c) Maybe is better to create an Nginx template and add the headers there?

Thanks for any help !

Hi @Eduardo,

Because that is not the right file pattern :wink: The right patter is nginx.hsts.conf* so nginx.hsts.conf_custom should work.

You are right, you shouldn’t modify that file. Instead use nginx.hsts.conf_whatever or in this case, as it seems you want to add headers when ssl/tls is in use, you can use a file like nginx.ssl.conf_whatever

If you are going to use this conf in several domains, yes, I would do a template.

1 Like

I forgot to comment this. Yes, that should work if your site is not redirected to https. If you only add the headers there, those headers should work on http but nginx conf for https doesn’t have those headers defined and that is the reason you can’t see them when adding that conf file.

1 Like

Yeah !
That is the reason. I have the https redirection.
I suppose then the custom headers must be in a file like this:
nginx.ssl.conf_hsts_custom
right?

1 Like

Yes, that’s right

2 Likes

Thank you Sahsanu for the detailed explanations!
Have a good weekend !

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.