-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
38 lines (26 loc) · 1.2 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
### Author: Bartosz Jurczewski
# General rules
Options -Indexes
RewriteEngine On
# SmartLinks (no .html)
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
# HTTPS and no www
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
# RewriteRule ^ https://bambit.com.pl/%{REQUEST_URI} [L,NE,R=301] #change url here
# SECURITY
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; script-src-elem * 'unsafe-inline';"
Header always set X-Content-Type-Options "nosniff"
Header set Set-Cookie HttpOnly;Secure
Header always set X-FRAME-OPTIONS "DENY"
Header always set X-XSS-Protection "1; mode=block"
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header set Referrer-Policy "no-referrer"
Header set Feature-Policy: "microphone 'none'; \
camera 'none'; \
payment 'none'; \
geolocation 'self'"
</IfModule>