| 1234567891011121314151617181920212223242526272829303132 |
- Options -Indexes
- <IfModule mod_headers.c>
- Header always set X-Content-Type-Options "nosniff"
- Header always set X-Frame-Options "SAMEORIGIN"
- Header always set Referrer-Policy "strict-origin-when-cross-origin"
- Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
- Header always set Cross-Origin-Resource-Policy "same-origin"
- </IfModule>
- <IfModule mod_rewrite.c>
- RewriteEngine On
- # Block hidden files/folders except ACME challenge path.
- RewriteRule "(^|/)\.(?!well-known/)" - [F]
- # Deny direct access to writable data files.
- RewriteRule ^data/ - [F,L]
- </IfModule>
- <IfModule mod_authz_core.c>
- <FilesMatch "^(config\.php|.*\.(json|md))$">
- Require all denied
- </FilesMatch>
- </IfModule>
- <IfModule !mod_authz_core.c>
- <FilesMatch "^(config\.php|.*\.(json|md))$">
- Order allow,deny
- Deny from all
- </FilesMatch>
- </IfModule>
|
