markus2120/redacted-le-ssl.conf

## redacted-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost 1.2.3.4:443>
   ServerAdmin webmaster@localhost
   DocumentRoot /var/www/something
   ServerName something.example.com
   Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
   Header always set X-Frame-Options "SAMEORIGIN"
   Header always set X-Xss-Protection "1; mode=block"
   Header always set X-Content-Type-Options "nosniff"
   Header always set Referrer-Policy "same-origin"
   Header always set Feature-Policy "microphone 'none'; payment 'none'; camera 'none'; sync-xhr 'self'"
   Header always set Content-Security-Policy: "default-src https:;"
<Directory />
	<IfModule mod_ssl.c>
	<VirtualHost 1.2.3.4:443>
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/something
	ServerName something.example.com
	Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
	Header always set X-Frame-Options "SAMEORIGIN"
	Header always set X-Xss-Protection "1; mode=block"
	Header always set X-Content-Type-Options "nosniff"
	Header always set Referrer-Policy "same-origin"
	Header always set Feature-Policy "microphone 'none'; payment 'none'; camera 'none'; sync-xhr 'self'"
	Header always set Content-Security-Policy: "default-src https:;"
	<Directory />