<IfModule mod_headers.c>
Header set X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options "nosniff"
Header set Referrer-Policy "strict-origin-when-cross-origin"
Header set Strict-Transport-Security "max-age=86400; includeSubDomains;" env=HTTPS
Header set Permission-Policy "accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()"
Header always unset X-Powered-By
Header always unset server
Header unset X-Powered-By
Header unset server
</IfModule>
Last active
June 2, 2022 17:26
-
-
Save kbcarte/6503673d333ea35400ecdd25406763a8 to your computer and use it in GitHub Desktop.
Security Headers .htaccess Example
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment