diff options
| -rw-r--r-- | posts/nfs-multiple-websites.md | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/posts/nfs-multiple-websites.md b/posts/nfs-multiple-websites.md index 6fd7b0d..8dde1ec 100644 --- a/posts/nfs-multiple-websites.md +++ b/posts/nfs-multiple-websites.md @@ -77,7 +77,7 @@ I also recommend setting up better Security Headers directly inside the `.htacce Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" # Content Security Policy - Header always set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; frame-> + Header always set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; frame-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self';" # Prevent Clickjacking (X-Frame-Options) Header always set X-Frame-Options "SAMEORIGIN" @@ -93,6 +93,8 @@ I also recommend setting up better Security Headers directly inside the `.htacce </IfModule> ~~~ +If you plan to have multiple websites that will contain similar security headers, you can have them share a single `.htaccess` file. Simply place your `.htaccess` file in the main root directory (`/home/public`) and you're good to go! + ## Go Live Include your website files in the proper domain sub folders on the server and you're done. Now you have a single point of entry for all your personal/project websites under one NearlyFreeSpeech "site". You also get to keep some extra coin in your wallet, since this will only cost you a fixed rate of $0.05 a day! |