# FamilyAlbums - Apache Configuration # Security Headers Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" Header set X-XSS-Protection "1; mode=block" Header set Referrer-Policy "strict-origin-when-cross-origin" # Deny access to config file Require all denied Order deny,allow Deny from all # Deny access to hidden files Require all denied Order deny,allow Deny from all # Enable compression AddOutputFilterByType DEFLATE text/html text/plain text/css application/json application/javascript # Cache static assets ExpiresActive On ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/webp "access plus 1 month" # Default charset AddDefaultCharset UTF-8