Bobcares

How to Use NGINX ADD_HEADER & ALWAYS Together?

by | May 24, 2024

The add_header with always in NGINX allows us to add a custom header to the server’s response. Bobcares, as a part of our Server Management Service offers solutions to every query that comes our way.

The add_header with always in NGINX

In NGINX, the add_header command with the always option allows us to include a custom header in the server’s response despite of the HTTP status code. By default, the add_header directive only includes the provided header in responses with specific HTTP status codes. These often include both successful responses (200, 201, 301, etc.) and error responses (404, 500, etc.).

The always overrides the default behavior. If we want to ensure a header is added regardless of whether it’s already present or not, we can use the always parameter with the add_header directive. When we use include always with the add_header directive, the specified header is added to all responses, regardless of status code.

How to Use it?

Several scenarios may need the constant use of add_header:

Security Headers: Certain security headers, such as X-Frame-Options or Strict-Transport-Security (HSTS), must be applied to all responses to make sure that security protections are consistent throughout the website.

Caching Headers: We may want to specify caching behavior for all resources on the server, regardless of status code. For example, specifying Cache-Control: no-cache prevents clients from caching any answers.

CORS Setup: If we are using CORS on the Nginx server, we may need to include CORS headers in all responses to allow access from particular origins.

An Example

nginx add_header always
So, the provided NGINX settings ensures that all responses from the server include the X-Frame-Options header with a value of “SAMEORIGIN” and the Cache-Control header with a value of “no-cache”.

[Need to know more? Get in touch with us if you have any further inquiries.]

Conclusion

This post explains about the use of add_header with always option on NGINX from our Tech team.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF