You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 lines
1.2 KiB
22 lines
1.2 KiB
# Security tests: https://observatory.mozilla.org/ |
|
# Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control |
|
<IfModule mod_headers.c> |
|
Header always set X-XSS-Protection "1; mode=block" |
|
Header always set X-Frame-Options "DENY" |
|
Header always set X-DNS-Prefetch-Control "off" |
|
Header always set X-Content-Type-Options "nosniff" |
|
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" "expr=%{req_novary:X-Forwarded-Proto}=='https'" |
|
Header always set Referrer-Policy "no-referrer" |
|
Header always set Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self' 'sha256-hgWmJ4N/XjVDdpPaJ9SyNBobcUm30V1q+z6yvJzFRlk='; base-uri 'self'; form-action 'none'; frame-ancestors 'none'; upgrade-insecure-requests;" |
|
</IfModule> |
|
|
|
# Redirect search results (Google, DuckDuckGo, and Bing) |
|
Redirect 301 /categories/october-2020 /2020/10 |
|
|
|
# Set custom error page: https://faq.nearlyfreespeech.net/full/error |
|
ErrorDocument 404 /404.html |
|
|
|
# Set directives for caching of static resources |
|
<FilesMatch "\.(css|ico|jpg|jpeg|png|svg)$"> |
|
Header set Cache-Control "max-age=2592000, public, immutable" |
|
</FilesMatch>
|
|
|