From a7e9bcf007ec41288c9507883391c399d21ccc85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arthur=20=C8=9Ai=C8=9Beic=C4=83?=
 <arthurtiteica@users.noreply.github.com>
Date: Sun, 30 Oct 2016 10:19:35 +0200
Subject: [PATCH] Updated Searx with haproxy (markdown)

---
 Searx-with-haproxy.md | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/Searx-with-haproxy.md b/Searx-with-haproxy.md
index cbd3f2c..b4adc91 100644
--- a/Searx-with-haproxy.md
+++ b/Searx-with-haproxy.md
@@ -23,4 +23,30 @@
       server python2_searx 127.0.0.1:8888 maxconn 50 check inter 5m rise 1 fastinter 1s downinter 1s
 
     backend other_site
-       server nginx [...]
\ No newline at end of file
+       server nginx [...]
+
+## Static asset compression
+Modify the searx backend declared in haproxy by adding the following
+
+    backend searx
+       [...]
+       compression algo gzip
+       compression type text/html text/plain text/css application/javascript
+
+## Security
+
+    backend searx
+       [...]
+       http-response set-header Strict-Transport-Security max-age=15768000
+       http-response set-header X-Frame-Options SAMEORIGIN
+       http-response set-header X-Content-Type-Options nosniff
+       http-response set-header X-XSS-Protection "1; mode=block"
+       http-response set-header Content-Security-Policy "default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self';connect-src 'self';media-src 'self'"
+
+## Change the server header response.
+By default the 'Server' header of Searx is: "Server: Werkzeug/0.11.11-dev Python/2.7.12".
+
+You may change this to anything else with
+
+    backend searx
+       http-response set-header Server Apache-Nginx
\ No newline at end of file