set some security headers

2025-03-11 16:35:38 +00:00 · 2021-03-10 11:59:19 +01:00 · 2021-03-10 11:59:19 +01:00 · 06df2f544c
commit 06df2f544c
parent cc2b57e486
1 changed files with 5 additions and 0 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1,5 +1,10 @@
 Options -Indexes

+<IfModule mod_headers.c>
+Header set Strict-Transport-Security: "max-age=15768000; includeSubDomains; preload"
+Header set X-Content-Type-Options: "nosniff"
+</IfModule>
+
 RewriteEngine On
 RewriteRule ^favicon.ico$ styles/bootstrap/favicon.ico [L]