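<IfModule mod_headers.c>
    # Response-header hardening and caching policy. Skipped entirely when
    # mod_headers is not loaded, so confirm the module is enabled on every
    # host that relies on these headers.
    #
    # "Header always set" is used for the framing and sniffing headers because
    # a plain "Header set" only touches the success header table; error
    # responses and redirects would otherwise go out without them.
    # NOTE(review): "always" and the default table are separate. If the
    # application also emits one of these headers, check responses for
    # duplicates.

    # Prevent clickjacking (forbids framing by third-party sites)
    Header always set X-Frame-Options sameorigin

    # Prevent content sniffing (MIME sniffing)
    Header always set X-Content-Type-Options nosniff

    # Attempt to enable XSS filters in browsers, if available, and block reflected XSS
    # NOTE(review): this is a legacy header. Current Chromium-based browsers
    # have removed the XSS auditor and Firefox never implemented one, so it
    # gives no protection there. Treat a Content-Security-Policy plus output
    # encoding as the real XSS control, and review whether this header should
    # be kept. It is left exactly as it was, not extended to error responses.
    Header set X-XSS-Protection "1; mode=block"

    # Cache media files for a month
    <FilesMatch "\.(js|css|jpg|jpeg|png|svg|webp|gif|ico|ogg|mp4|webm)$">
        Header set Cache-Control max-age=2629800
    </FilesMatch>

    # Remove response headers that provide no value but leak information.
    # Both header tables are cleared so the header is stripped from error
    # responses as well. This only hides the header at the web-server layer;
    # disabling it in the runtime that emits it is the cleaner fix.
    Header unset X-Powered-By
    Header always unset X-Powered-By

    # Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
    Header unset ETag
</IfModule>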
<IfModule mod_autoindex.c>
    # No generated directory listings: a folder without a default document
    # must not reveal its file names to visitors.
    Options -Indexes
</IfModule>
<IfModule mod_negotiation.c>
    # Switch off MultiViews so a request is never resolved to a file by
    # implicit filename pattern matching; only explicitly named files are served.
    Options -MultiViews
</IfModule>
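# Deny access to Git metadata with a 403.
# - The dot is escaped so the pattern matches only a literal ".git" path
#   segment; unescaped, it matched any character in that position.
# - "(/|$)" also covers a request for "/.git" itself, while ".gitignore" and
#   similar names are left to their own rules.
# - "(?i)" stops differently-cased requests from slipping past the rule on
#   case-insensitive filesystems.
# Kept outside an <IfModule mod_alias.c> wrapper: if the module is missing,
# the configuration fails loudly instead of silently serving the repository.
# This is defence in depth only; the .git directory should not be deployed
# into the document root in the first place.
RedirectMatch 403 (?i)/\.git(/|$)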
# Project documentation is not meant to be served to visitors.
# "Require" is Apache 2.4 authorization syntax.
<Files "README.md">
    Require all denied
</Files>
# The ignore list can reveal names of files and directories in the project,
# so it is blocked as well. "Require" is Apache 2.4 authorization syntax.
<Files ".gitignore">
    Require all denied
</Files>