From b0aca7cda7c2a640862d2038ca1feb911527ceb9 Mon Sep 17 00:00:00 2001 From: Bradley Taunt Date: Fri, 9 Feb 2024 10:57:13 -0500 Subject: Further server header updates --- .htaccess | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.htaccess') diff --git a/.htaccess b/.htaccess index c52e730..3adf7fe 100644 --- a/.htaccess +++ b/.htaccess @@ -1,7 +1,7 @@ Options +Includes XBitHack Full -Header add Strict-Transport-Security "max-age=157680000" +Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self';" Header always append X-Frame-Options SAMEORIGIN Header always set X-Content-Type-Options nosniff -- cgit v1.2.3-54-g00ecf