From 993ea317d7ea167af97028b592eefe8753aa23a5 Mon Sep 17 00:00:00 2001 From: Sebastian Wagner Date: Wed, 7 Sep 2022 06:10:52 +0200 Subject: [PATCH] Readme: Add header configuration for apache (#23221) Adds the same example as for nginx for apache to copy & paste --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 2cfd5ecc7f..3b9f37dcc4 100644 --- a/README.md +++ b/README.md @@ -117,6 +117,13 @@ add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Content-Security-Policy "frame-ancestors 'none'"; ``` +For Apache, the configuration looks like: +``` +Header set X-Frame-Options SAMEORIGIN +Header set X-Content-Type-Options nosniff +Header set X-XSS-Protection "1; mode=block" +Header set Content-Security-Policy "frame-ancestors 'none'" +``` Note: In case you are already setting a `Content-Security-Policy` header elsewhere, you should modify it to include the `frame-ancestors` directive