@rcg4u
Created December 5, 2020 02:03
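# Apache security headers
<IfModule mod_headers.c>
    # Stop browsers from MIME-sniffing a response away from its declared Content-Type
    Header set X-Content-Type-Options nosniff
    # HSTS: require HTTPS for one year (browsers honour it only when received over HTTPS)
    Header set Strict-Transport-Security "max-age=31536000;"
    # Send the Referer header on same-origin requests only
    Header set Referrer-Policy "same-origin"
    # Disable browser features the site does not use (Feature-Policy has since been renamed Permissions-Policy, with a different syntax)
    Header set Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; notifications 'none'; vibrate 'none'; push 'none'; vr 'none'"
    # Load scripts from this origin only; inline scripts and eval() are blocked
    Header set Content-Security-Policy "script-src 'self'"
    # Allow framing by same-origin pages only (clickjacking defence)
    Header always append X-Frame-Options SAMEORIGIN
    # Legacy XSS filter for older browsers; modern browsers have removed it
    Header set X-XSS-Protection "1; mode=block"
</IfModule>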