
Rather than just whine about lax security practices, here is an nginx config file that will get you a pretty high score on scanners like Mozilla's Observatory.

https://gist.github.com/zachaysan/89d40b3214160ce9d59a2b9136...

If you work on things that involve sexuality, health, or finance and you don't enable these types of protections, you're risking lives or financial ruin.

Also, if you see a shortcoming, please let me know. I created this in a bit of a rush and I'm always happy to learn more.



Seems odd that something designed to protect lives or prevent financial ruin you'd do "in a bit of a rush."


My schedule is packed and it's better to share something than nothing, no?

The point is to show how little is needed to protect against the type of encryption-thwarting tools these guys likely employ, and to give people a starting point from which they can learn more.



