Question on headers, global or individual virtual host, apache 2.4?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I'm running apache 2.4. I've got a question on headers, should the
below be set in a global context in a configuration file? Or should
they be in set in each virtual host context and wrapped in IfModule
statements?

Also, are these headers correct?

 <IfModule mod_headers.c>
         Header unset ETag
         FileETag None
         Header unset Server
         Header always set X-Content-Type-Options "nosniff"
         Header always set X-XSS-Protection "1; mode=block"
         Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
        Header set X-Content-Security-Policy "allow 'self';"

         Header always set Referrer-Policy "no-referrer-when-downgrade"
         Header always set Feature-Policy "accelerometer 'none';
camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer
'none'; microphone 'none'; payment 'none'; usb 'none' "
         Header set X-Frame-Options DENY
         Header set Cache-Control:public, max-age=31536000
         Header set MyHeader "Feel safe zombiesecured headers in
use!!! It took %D microseconds for Zombiesecured to serve this request
on %t"
        Header always set Strict-Transport-Security:
"max-age=31536000; includeSubDomains; preload"
        Header set Expect-CT enforce,max-age=30, report-uri="url" <---
You can gradually increase the max-age once you are confident that it
has been set up properly
</IfModule>

Thanks.
Dave.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux