Chrissi2812/.htaccess

## .htaccess
<IfModule mod_headers.c>
  # Disable malicious js in images
  Header always set X-Content-Type-Options "nosniff"
  # This forces https for all subdomains too!!
  Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
  # Disallow iframing of website in other domains
  Header always set X-Frame-Options "SAMEORIGIN"
  # Protect Referrer
  Header always set Referrer-Policy "no-referrer-when-downgrade, strict-origin-when-cross-origin"

  # Dont tell what software is used to run the server
  Header always unset X-Powered-By
  Header always unset Server
</IfModule>
	<IfModule mod_headers.c>
	# Disable malicious js in images
	Header always set X-Content-Type-Options "nosniff"
	# This forces https for all subdomains too!!
	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	# Disallow iframing of website in other domains
	Header always set X-Frame-Options "SAMEORIGIN"
	# Protect Referrer
	Header always set Referrer-Policy "no-referrer-when-downgrade, strict-origin-when-cross-origin"

	# Dont tell what software is used to run the server
	Header always unset X-Powered-By
	Header always unset Server
	</IfModule>