15 lines
970 B
ApacheConf
15 lines
970 B
ApacheConf
|
RewriteEngine On
|
||
|
RewriteCond %{SERVER_PORT} 80
|
||
|
RewriteRule ^(.*)$ https://cyberjinh.fr/$1 [R,L]
|
||
|
Header always set Strict-Transport-Security "max-age=2592000; includeSubDomains; preload
|
||
|
Header always set X-Frame-Options "SAMEORIGIN"
|
||
|
Header always set X-Xss-Protection "1; mode=block"
|
||
|
Header always set X-Content-Type-Options "nosniff"
|
||
|
Header always set Referrer-Policy "same-origin"
|
||
|
Header always set Feature-Policy "microphone 'none'; payment 'none'; sync-xhr 'self' https://cyberjinh.fr"
|
||
|
Header always set X-FRAME-OPTIONS "DENY"
|
||
|
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
|
||
|
Header always set Content-Security-Policy: "default-src 'none';"
|
||
|
Header always set Content-Security-Policy: "script-src 'self' https://cyberjinh.fr;"
|
||
|
Header always set Content-Security-Policy: "style-src 'self' https://cyberjinh.fr;"
|
||
|
Header always set Content-Security-Policy: "img-src 'self' https://cyberjinh.fr https://xmpp.net https://compliance.conversations.im https://static.fsf.org;"
|