1
0
mirror of https://github.com/kremalicious/blog.git synced 2024-12-23 01:30:01 +01:00

htaccess updates

This commit is contained in:
Matthias Kretschmann 2015-06-11 00:32:01 +02:00
parent 043afcb940
commit 8eecfa9216

View File

@ -126,7 +126,7 @@ Options -MultiViews
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge"
#Header set X-UA-Compatible "IE=edge"
# `mod_headers` cannot match based on the content-type, however,
# the `X-UA-Compatible` response header should be send only for
@ -583,9 +583,9 @@ AddDefaultCharset utf-8
# https://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1
# http://blogs.msdn.com/b/ieinternals/archive/2014/08/18/hsts-strict-transport-security-attacks-mitigations-deployment-https.aspx
# <IfModule mod_headers.c>
# Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains"
# </IfModule>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=16070400;"
</IfModule>
# ----------------------------------------------------------------------
# | Reducing MIME type security risks |