.htaccess 3.0 KB

#
# _ _ ____ _
# _| || |_/ ___| ___ _ __ _ __ ___ | |
# |_ .. _\___ \ / _ \ '_ \| '_ \ / _ \| |
# |_ _|___) | __/ |_) | |_) | (_) |_|
# |_||_| |____/ \___| .__/| .__/ \___/(_)
# |_| |_|
#
# Personal Social Web.
#
# Copyright (C) The #Seppo contributors. All rights reserved.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# Per-directory Apache configuration for a #Seppo installation: directory
# index, MIME types, compression, security response headers and caching.
#
# Requires:
# mod_cgi.c
# mod_rewrite.c
# The directives below additionally need mod_dir (DirectoryIndex), mod_mime
# (AddType, AddOutputFilter), mod_deflate (DEFLATE filter) and mod_headers
# (Header); <If>/<Else> need Apache 2.4 or later. A directive whose module is
# not loaded, or that AllowOverride does not permit, makes every request in
# this directory fail with a 500 error.
#
# mandatory, already before first run of cgi (hopefully a webserver default or
# uncomment and place .htaccess manually...):
# AddHandler cgi-script .cgi
# Options FollowSymLinks ExecCGI
# NOTE(review): with ExecCGI and the cgi-script handler, any *.cgi file in this
# tree is executed by the server, so the directory should be writable only by
# the account that deploys the application. mod_mime also maps extensions that
# appear in the middle of a file name; a <FilesMatch "\.cgi$"> with SetHandler
# is the stricter form if other files are ever stored here.

# mandatory
# Files tried, in this order, when a directory URL is requested.
DirectoryIndex index.html index.xml index.json

# recommended
# Explicit charset and MIME types; X-Content-Type-Options nosniff further down
# makes browsers rely on exactly these declared types.
AddDefaultCharset UTF-8
AddType "application/javascript" js jsonp
AddType "application/jrd+json" jrd
AddType "application/json" json
AddType "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"" jsa jlda
AddType "image/jpeg" jpg
AddType "image/svg+xml" svg
AddType "text/css" css
AddType "text/html" html
AddType "text/xml" xml
AddType "text/xsl" xslt
# Compress the text-based types listed above, selected by file extension.
AddOutputFilter DEFLATE html xml xslt css jlda jsa js json jsonp svg

# recommended
# https://observatory.mozilla.org/
#
# Content-Security-Policy as set by the active directive below:
#   default-src 'none'      deny every fetch type that is not listed explicitly
#   base-uri, form-action, frame-ancestors
#                           do not fall back to default-src, so they are spelled
#                           out; the older policy kept in the comment lacks them
#   script-src              same-origin files plus one inline script pinned by
#                           its sha256 hash; the hash must be regenerated when
#                           that inline script changes or browsers block it
#   style-src               same origin, and 'unsafe-inline' permits inline styles
#   img-src                 data: URIs, same origin and any https:// host
# NOTE(review): img-src https://* lets a page cause the visitor's browser to
# fetch images from arbitrary hosts, which discloses the visitor's IP address
# to them. Presumably needed for remote avatars and attachments; confirm.
# NOTE(review): the Header set lines use the default (onsuccess) condition, so
# mod_headers does not attach them to locally generated non-2xx responses such
# as redirects and error documents. `Header always set` covers those; check it
# does not duplicate headers emitted by the CGI before switching.
# Header set Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-hGqewLn4csF93PEX/0TCk2jdnAytXBZFxFBzKt7wcgo='; connect-src 'self'; font-src 'self'; img-src 'self' data: https://*; media-src 'self';"
Header set Content-Security-Policy "base-uri 'none'; form-action 'self'; frame-ancestors 'none'; default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-hGqewLn4csF93PEX/0TCk2jdnAytXBZFxFBzKt7wcgo='; connect-src 'self'; font-src 'self'; img-src data: 'self' https://*; media-src 'self';"
# Send no Referer header with outgoing navigations and subresource requests.
Header set Referrer-Policy no-referrer
# Browsers must use the declared Content-Type instead of sniffing the body.
Header set X-Content-Type-Options nosniff
# Legacy counterpart of frame-ancestors 'none' for browsers that ignore it.
Header set X-Frame-Options DENY

# nice
# Advertises the software in every response; `add` appends a header rather
# than replacing one that is already present.
Header add X-Powered-By "Seppo.Social"
# https://lobste.rs/s/1phzpg/block_ai_training_on_web_site
# Advisory only: these values are honoured by cooperating crawlers and are not
# an access control.
Header add X-Robots-Tag "noai, noimageai, GPC"

# cache assets only (see themes/current/.htaccess)
# The pattern is anchored at /seppo.cgi, so it matches only when the CGI sits
# in the web root; in a subdirectory install the icon takes the no-cache branch.
<If "%{REQUEST_URI} =~ m#^/seppo\.cgi/actor/icon$#">
# Actor icon: cacheable by browsers and shared caches for one day.
Header set Cache-Control "max-age=86400, public"
</If>
<Else>
# Everything else must be revalidated before reuse. no-cache still allows
# caches to store the response; content that must never be stored needs
# no-store instead.
Header set Cache-Control "no-cache"
</Else>
# NOTE(review): Connection is a hop-by-hop header that the server normally
# manages through its KeepAlive setting; confirm this override is still needed.
Header set Connection Keep-Alive