diff --git a/conf/default.conf b/conf/default.conf
index 51a443b..bc177e9 100644
--- a/conf/default.conf
+++ b/conf/default.conf
@@ -1,22 +1,23 @@
 server {
 listen 80;
- include get_auto_ssl.conf;
+ include auto_ssl.conf;
 }
 # Dieser Server ist der Zugang zur "Nginx config und wird im 2. Openresty Server genutzt"
 server {
 listen 8080;
- set $host theiaconf;
- set $port 3000;
+ set $proxy_host theiaconf;
+ set $proxy_port 3000;
 include ldap.conf;
+ #include secure.conf;
 include default_proxy.conf;
 }
 server {
 listen 443 ssl;
- include auto_ssl.conf;
+ include ssl.conf;
 include ldap.conf;
 }
\ No newline at end of file
diff --git a/nginx.conf b/nginx.conf
index a05f691..3115c76 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -114,7 +114,7 @@ ldap_server fet {
 url ldap://gagarin:389/ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at?uid?sub?(objectClass=person);
 require valid_user;
 }
- resolver 127.0.0.11 valid=30s;
+ resolver 127.0.0.11 valid=30s; # use the docker resolver as a default
 include /etc/nginx/conf.d/*.conf;
 # Don't reveal OpenResty version to clients.
diff --git a/snippets/default_proxy.conf b/snippets/default_proxy.conf
index 7112eca..dba0c26 100644
--- a/snippets/default_proxy.conf
+++ b/snippets/default_proxy.conf
@@ -1,5 +1,5 @@
 location / {
 include proxy.conf;
 proxy_buffering off;
- proxy_pass http://$host:$port;
+ proxy_pass http://$proxy_host:$proxy_port;
 }
\ No newline at end of file
diff --git a/snippets/private.conf b/snippets/private.conf
deleted file mode 100644
index f2f5f50..0000000
--- a/snippets/private.conf
+++ /dev/null
@@ -1 +0,0 @@
-include ldap.conf;
\ No newline at end of file
diff --git a/snippets/proxy.conf b/snippets/proxy.conf
index 24d0510..722d6c5 100644
--- a/snippets/proxy.conf
+++ b/snippets/proxy.conf
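Review bot: In conf/default.conf the server on port 8080 pairs `include ldap.conf;` with a plain `listen 8080;`, and the new `#include secure.conf;` is added commented out, so the login protecting the config editor is not covered by TLS or by any of the hardening headers on this listener. If ldap.conf uses HTTP Basic authentication (its content is not shown here), directory passwords cross that hop in cleartext; the block should either be confined to the internal network or say so explicitly, for example `# 8080 is reachable only from the second OpenResty server; TLS terminates there`. The `ldap_server fet` context in nginx.conf shows `require valid_user;`, so presumably any directory account can reach the editor, and a group requirement would be worth considering.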
@@ -7,7 +7,7 @@ proxy_set_header X-Forwarde-Proto $scheme; proxy_set_header X_FORWARDED_SSL on; proxy_set_header HTTP_X_FORWARDED_SSL on; - proxy_buffering off; + add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'"; add_header X-Content-Type-Options nosniff; diff --git a/snippets/secure.conf b/snippets/secure.conf index 9dfdede..65fffad 100644 --- a/snippets/secure.conf +++ b/snippets/secure.conf @@ -1 +1,6 @@ -include add_auto_ssl.conf; \ No newline at end of file +include ssl.conf; + add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'"; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Referrer-Policy "strict-origin"; + add_header Strict-Transport-Security "max-age=31536000" always; \ No newline at end of file diff --git a/snippets/add_auto_ssl.conf b/snippets/ssl.conf similarity index 100% rename from snippets/add_auto_ssl.conf rename to snippets/ssl.conf
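Review bot: `default-src 'self' 'unsafe-inline'` in snippets/proxy.conf allows inline scripts as well as inline styles, which removes most of the XSS protection a Content-Security-Policy is meant to provide; the same string is added in snippets/secure.conf. The collapsed layout does not show whether the `add_header Content-Security-Policy` line here is new or only context after the removed `proxy_buffering off;`, so the point holds for proxy.conf either way and for the secure.conf addition for certain. If the proxied application only needs inline styles, scope the exception, e.g. `add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'";`. The context line `proxy_set_header X-Forwarde-Proto $scheme;` also looks like a misspelling of `X-Forwarded-Proto`, in which case the backend never sees the original scheme.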
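Review bot: Four of the five `add_header` lines added to snippets/secure.conf lack `always`, so nginx omits them on most error responses, and they will not reach proxied responses at all if secure.conf is included at server level: snippets/proxy.conf sets its own `add_header` lines inside `location /`, and nginx inherits `add_header` from the outer level only when the inner level defines none. That would silently drop `Strict-Transport-Security` and `Referrer-Policy` for everything served through default_proxy.conf. Consider keeping all response headers in one snippet included at a single level and writing them as `add_header X-Content-Type-Options nosniff always;`. `X-XSS-Protection "1; mode=block"` is deprecated in current browsers and can be dropped or set to `0`.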