ht

Signed-off-by: Jeff <jeff@gotenzing.com>

ht
Signed-off-by: Jeff <jeff@gotenzing.com>
Jeff Balicki
Showing 1 changed file with 12 additions and 0 deletions
.htaccess
--- a/.htaccess
View file @97833bf
+++ b/.htaccess
View file @97833bf
@@ -145,6 +145,18 @@ ModPagespeed off
    ExpiresByType application/font-woff 		     "access plus 1 year"

 </IfModule>
+
+
+<IfModule mod_headers.c>
+	Header set X-XSS-Protection "1; mode=block"
+	Header set X-Frame-Options "SAMEORIGIN"
+	Header set X-Content-Type-Options "nosniff"
+	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
+	# Header set Content-Security-Policy ...
+	Header set Referrer-Policy "same-origin"
+	Header set Feature-Policy "geolocation 'self'; vibrate 'none'"
+</IfModule>
+
 <IfModule mod_rewrite.c>

 Options -Indexes