diff --git a/_src/.htaccess b/_src/.htaccess index ebab01be..8c43b8d6 100644 --- a/_src/.htaccess +++ b/_src/.htaccess @@ -126,7 +126,7 @@ Options -MultiViews - Header set X-UA-Compatible "IE=edge" + #Header set X-UA-Compatible "IE=edge" # `mod_headers` cannot match based on the content-type, however, # the `X-UA-Compatible` response header should be send only for @@ -583,9 +583,9 @@ AddDefaultCharset utf-8 # https://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1 # http://blogs.msdn.com/b/ieinternals/archive/2014/08/18/hsts-strict-transport-security-attacks-mitigations-deployment-https.aspx -# -# Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" -# + + Header always set Strict-Transport-Security "max-age=16070400;" + # ---------------------------------------------------------------------- # | Reducing MIME type security risks |