
[users@httpd] sanity check


Can someone look at this file snippet and give me a sanity check on it?
This is for Apache 2.4, and I'm thinking something might not be right
with it. It looks like I've got some similar, near-similar, and
duplicate lines; will this impact performance?


# Response-header hardening, applied only when mod_headers is loaded.
# NOTE(review): no </IfModule> appears anywhere in the snippet as posted. If the
# real file matches, each <IfModule> needs its closing tag or httpd will report a
# syntax error at startup.
# NOTE(review): the duplicated directives cost next to nothing at runtime; the real
# problem is that they conflict, so clients can receive contradictory headers.
<IfModule mod_headers.c>
# Strip ETag from responses and stop httpd generating file-based ETags.
# FileETag is a core directive, so it does not depend on mod_headers being loaded.
Header unset ETag
FileETag None
# NOTE(review): mod_headers typically cannot remove Server, because core adds it
# late in response processing. "ServerTokens Prod" and "ServerSignature Off" are
# the usual way to minimise it; check the result with a HEAD request.
Header unset Server
    Header always set X-Content-Type-Options "nosniff"
# NOTE(review): X-Frame-Options is set twice with different values: SAMEORIGIN here
# in the "always" table, DENY further down in the default (onsuccess) table. The
# two tables are independent, so a response can carry both. Keep one value, in one
# table, and make it agree with frame-ancestors in the CSP.
         Header always append X-Frame-Options SAMEORIGIN
# Legacy header: current browsers have dropped the XSS auditor, so the CSP below
# is what actually matters here.
Header set X-XSS-Protection "1; mode=block"
# Appends HttpOnly and Secure to every Set-Cookie value.
# NOTE(review): cookies that already carry these attributes end up with duplicates.
# Without "always" this edits only the onsuccess table, so cookies on error
# responses (and possibly those from proxied/CGI backends) may be missed; confirm.
# Secure cookies are never returned over plain HTTP, so apply this on HTTPS vhosts only.
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# Main Content-Security-Policy. It is wrapped across lines by the mail client; in
# the real file the quoted value must sit on one line.
# NOTE(review): a second Content-Security-Policy is set in the later CSP section
# without "always". Both can be sent, and browsers enforce every policy they
# receive, so the effective policy is the most restrictive combination.
# NOTE(review): "reflected-xss" is not in the current CSP specification and
# "block-all-mixed-content" is deprecated in favour of upgrade-insecure-requests.
# frame-ancestors 'none' contradicts the X-Frame-Options SAMEORIGIN line above.
Header always set Content-Security-Policy: "default-src 'self'
'unsafe-inline' ; script-src 'self' ; style-src 'self' 'unsafe-inline'
; img-src 'self' ; font-src 'self' ; connect-src 'self' ; media-src
'self' ; object-src 'self' ; child-src 'self' ; frame-ancestors 'none'
; form-action 'self' ; upgrade-insecure-requests;
block-all-mixed-content; reflected-xss block; "
    Header set X-Frame-Options DENY
# NOTE(review): malformed. There is no space after the colon and the value is
# unquoted, so mod_headers probably does not send "public, max-age=31536000" as
# intended; verify the emitted header. The intended form is presumably:
#   Header set Cache-Control "public, max-age=31536000"
# Even when corrected, a one-year "public" lifetime on every response lets shared
# caches store authenticated or per-user pages. Scope it to static assets.
         Header set Cache-Control:public, max-age=31536000
# HSTS, also wrapped by the mail client. includeSubDomains plus preload is a
# long-lived commitment that every subdomain serves HTTPS. Send it only from the
# HTTPS vhost.
Header always set Strict-Transport-Security: "max-age=31536000;
includeSubDomains; preload"
# NOTE(review): "append" adds to any value already present instead of replacing
# it; "set" gives a single predictable policy.
Header append Referrer-Policy: no-referrer-when-downgrade
Header always unset "X-Powered-By"
Header set X-Permitted-Cross-Domain-Policies "none"
# Core directive that disables the TRACE method. It is unrelated to mod_headers
# and is valid only in server config or virtual host context, not in .htaccess.
TraceEnable off

# Deploy Content Security Policy CSP
# NOTE(review): this section repeats what the first mod_headers section already
# does. That section sets Content-Security-Policy in the "always" table, so the
# "set" below (default onsuccess table) adds a second header instead of replacing
# the first. Keep a single CSP definition.
# NOTE(review): this <IfModule> is opened while the previous one is still unclosed
# and is never closed itself in the snippet as posted.
<IfModule mod_headers.c>
# X-Content-Security-Policy is the pre-standard prefixed header that only old
# browsers honoured. Its policy is looser than the standard one below (it allows
# 'unsafe-inline' scripts). The value is wrapped by the mail client and must be on
# one line in the real file.
Header set X-Content-Security-Policy "default-src 'self'; img-src
'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src
'self' 'unsafe-inline'; connect-src 'self';"
# Standard header with a shorter policy. It does not allow inline styles, which
# the earlier Content-Security-Policy does, so pages that rely on them would break
# if both are enforced.
Header set Content-Security-Policy "default-src 'self'; script-src 'self';"

# mod_evasive module
# Request-rate limiting, applied only if the module named in the test is loaded.
# NOTE(review): <IfModule> matches the module's source file name. Some Apache 2.4
# builds ship this module under a different name (e.g. mod_evasive24.c); if so, the
# whole section is skipped silently. Confirm with "apachectl -M".
# NOTE(review): no closing </IfModule> in the snippet as posted.
<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    # More than 2 requests for the same URI within DOSPageInterval (1 s) blocks
    # the client. This is aggressive: users behind shared NAT, or pages that fire
    # repeated requests to one endpoint, can trip it. Tune against real traffic.
    DOSPageCount        2
    # Site-wide threshold: 50 requests per DOSSiteInterval (1 s) from one client.
    DOSSiteCount        50
    DOSPageInterval     1
    DOSSiteInterval     1
    # Seconds a client stays blocked once a threshold is exceeded.
    DOSBlockingPeriod   300
# Address is redacted by the list archive.
DOSEmailNotify webmaster@xxxxxxxxxx
# The directory must exist and should be writable by the httpd user only.
DOSLogDir		"/var/log/mod_evasive"
# Runs as the httpd user with %s replaced by the client IP. pfctl normally needs
# root, so this fails unless that privilege is granted; keep any such grant
# limited to this exact command.
# NOTE(review): behind a reverse proxy or CDN the client IP seen here may be the
# proxy's, so a block could cut off all users; confirm how client addresses arrive.
DOSSystemCommand '/sbin/pfctl -t evasive -T add %s'
