nginx: more_set_headers and not more_set_header

conf/nginx.conf

@@ -4,10 +4,9 @@ location __PATH__/ {
 	# Path to source
 	alias __FINALPATH__/ ;
 
-
 	# Force usage of https
 	if ($scheme = http) {
-    	rewrite ^ https://$server_name$request_uri? permanent;
+		rewrite ^ https://$server_name$request_uri? permanent;
 	}
 
  	index index.php;
@@ -24,13 +23,13 @@ location __PATH__/ {
 	}
 
 	# Add headers to serve security related headers
-	more_set_header Strict-Transport-Security "max-age=15768000;";
+	more_set_headers Strict-Transport-Security "max-age=15768000;";
-	more_set_header X-Content-Type-Options nosniff;
+	more_set_headers X-Content-Type-Options nosniff;
-	more_set_header X-Frame-Options "SAMEORIGIN";
+	more_set_headers X-Frame-Options "SAMEORIGIN";
-	more_set_header X-XSS-Protection "1; mode=block";
+	more_set_headers X-XSS-Protection "1; mode=block";
-	more_set_header X-Robots-Tag none;
+	more_set_headers X-Robots-Tag none;
-	more_set_header X-Download-Options noopen;
+	more_set_headers X-Download-Options noopen;
-	more_set_header X-Permitted-Cross-Domain-Policies none;
+	more_set_headers X-Permitted-Cross-Domain-Policies none;
 
 	location ~^/(tmp|config|\.ht)/{
 		deny all;
@@ -42,7 +41,7 @@ location __PATH__/ {
 		# cacher.
 		rewrite ^/([^/]*)/favicon\.ico$   __PATH__/spip.php?page=favicon.ico   last;
 		expires        1w; 
-		more_set_header  Cache-Control public;
+		more_set_headers  Cache-Control public;
 	}
 	
 	location ~ [^/]\.php(/|$) {