- # don't allow people to retrieve non-cgi executable files or our private data
- <FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
- deny from all
- </FilesMatch>
- <FilesMatch ^(localconfig.js|localconfig.rdf)$>
- allow from all
- </FilesMatch>
- # Force all connections to HTTPS for 90 days at a time.
- Header set Strict-Transport-Security "max-age=7776000"
|
