.htaccess security headers

# https://htaccessbook.com/increase-security-x-security-headers/
# https://htaccessbook.com/important-security-headers/
<IfModule mod_headers.c>
    # X-XSS-Protection
   Header set X-XSS-Protection "1; mode=block"
    # X-Frame-Options
   Header always append X-Frame-Options SAMEORIGIN
   # X-Content-Type nosniff
    Header set X-Content-Type-Options nosniff
    # Referrer-Policy
    Header set Referrer-Policy "same-origin"
    # Strict-Transport-Security
    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
</IfModule>

Leave a Reply

Your email address will not be published. Required fields are marked *