Skip to content

Instantly share code, notes, and snippets.

@reviewsquirrel

reviewsquirrel/Add HTTP secure headers using .htaccess

Created April 27, 2016 06:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save reviewsquirrel/2ee9a902573535864d9adccaa6f7d888 to your computer and use it in GitHub Desktop.
Save reviewsquirrel/2ee9a902573535864d9adccaa6f7d888 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Add HTTP secure headers using .htaccess
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "sameorigin"
Header set X-Content-Type-Options "nosniff"
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:";
</IfModule>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment