marvinelsen/website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43570108e1
website/.htaccess

43 lines
2.0 KiB
ApacheConf
Raw Blame History

# Activate gzip compression of text
mod_gzip_on Yes
# Set HTTP Strict Transport Security (HSTS) header and optimize for preload list (https://hstspreload.org) (63072000 seconds = 2 years)
Header set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header append X-Frame-Options "SAMEORIGIN"
Header unset X-Powered-By
Header unset Server
Header set Content-Security-Policy: "object-src 'none'; script-src 'self' 'unsafe-inline'; font-src 'self'; manifest-src 'self'; connect-src 'self'; style-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'none'"
Header set Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), usb=()"
Header set Referrer-Policy "no-referrer"
# Add correct content-type for fonts
AddType application/vnd.ms-fontobject .eot
AddType application/x-font-ttf .ttf
AddType application/x-font-opentype .otf
AddType application/x-font-woff .woff
AddType application/x-font-woff2 .woff2
AddType image/svg+xml .svg
# Create file hashes based on the modification time and size.
# If the modification time or size of the file changes
# the existing cache is invalidated on the user's web browser
FileETag MTime Size
# Configure expiry periods
ExpiresActive On
ExpiresByType text/css "access plus 1 weeks"
ExpiresByType application/javascript "access plus 1 weeks"
ExpiresByType application/x-javascript "access plus 1 weeks"
ExpiresByType image/gif "access plus 1 months"
ExpiresByType image/jpeg "access plus 1 months"
ExpiresByType image/png "access plus 1 months"
ExpiresByType image/x-icon "access plus 1 months"
ExpiresByType application/vnd.ms-fontobject "access plus 1 years"
ExpiresByType application/x-font-ttf "access plus 1 years"
ExpiresByType application/x-font-opentype "access plus 1 years"
ExpiresByType application/x-font-woff "access plus 1 years"
ExpiresByType application/x-font-woff2 "access plus 1 years"
ExpiresByType image/svg+xml "access plus 1 years"
Reference in New Issue View Git Blame Copy Permalink