File tree Expand file tree Collapse file tree 1 file changed +47
-0
lines changed
Expand file tree Collapse file tree 1 file changed +47
-0
lines changed Original file line number Diff line number Diff line change 1+ ##START HTTP Security Header##
2+
3+ #Content Security Policy - CSP-HEADER
4+ Header set Content-Security-Policy "frame-ancestors 'self'; default-src 'none'; script-src 'self' plausible.io peertube.tv opencollective.com liberapay.com; script-src-attr 'none'; script-src-elem 'self'; object-src 'self' img.shields.io; img-src 'self' opencollective.com liberapay.com; media-src 'self'; connect-src 'self'; frame-src 'self' img.shields.io peertube.tv; form-action 'self'; base-uri 'self'; font-src 'self'; style-src 'self'; style-src-elem 'self'; style-src-attr 'self';"
5+
6+ #HTTP Content-Types
7+ AddCharset UTF-8 .html
8+
9+ #Public Key Pins
10+ Header set Public-Key-Pins "pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000 ; includeSubDomains"
11+
12+ #Strict-Transport-Security
13+ Header set Strict-Transport-Security "max-age=31536000 ; includeSubDomains"
14+
15+ #X-Content-Type-Options
16+ Header always set X-Content-Type-Options "nosniff"
17+
18+ #X-Frame-Options
19+ Header always set X-Frame-Options "SAMEORIGIN"
20+
21+ #X-Xss-Protection
22+ Header always set X-Xss-Protection "1 ; mode=block"
23+
24+ #Referrer-Policy
25+ Header set Referrer-Policy "no-referrer, same-origin"
26+
27+ ##END HTTP Security Header##
28+
29+ #HTTP Cache
30+ Header set Cache-Control "max-age=604800 "
31+ # "max-age=604800" -> 1 Week
32+ # "max-age=2592000" -> 30 Days
33+ # "max-age=31536000" -> 1 Year
34+
35+ Error pages
36+ ErrorDocument 404 404 .html
37+
38+ ##START File Extensions##
39+
40+ RewriteEngine on
41+
42+ # Remove .html
43+ RewriteCond %{REQUEST_FILENAME} !-d
44+ RewriteCond %{REQUEST_FILENAME}\.html -f
45+ RewriteRule ^(.*)$ $1.html
46+
47+ ##END File Extensions##
You can’t perform that action at this time.
0 commit comments