log {
	format filter {
		wrap json
		fields {
			request>headers delete
			common_log delete			
			resp_headers delete
		}
	}
}

header {
	Strict-Transport-Security max-age=31536000;
	X-Content-Type-Options "nosniff"
	X-Frame-Options SAMEORIGIN
	Referrer-Policy "same-origin"
	X-XSS-Protection "1; mode=block"
}