Improve session cookie security with HttpOnly and SameSite attributes Add security headers via .htaccess Block direct access to sensitive files Restrict allowed HTTP methods Document cPanel-specific security configuration Add container hardening for ServerTokens and ServerSignature
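# Minimize server version disclosure.
# ServerTokens Prod trims the Server response header to the product name only.
# ServerSignature Off removes the server-generated footer from error pages and
# other server-generated documents; without it the footer setting is left to
# whatever the including configuration happens to use.
ServerTokens Prod
ServerSignature Off

# Disable PHP version header and error display; errors go to the log instead.
# NOTE(review): expose_php is documented as a php.ini-only setting, so this
# line may have no effect from Apache configuration. Check whether responses
# still carry X-Powered-By and set expose_php in php.ini if they do.
# NOTE(review): the web root below uses AllowOverride All, so an .htaccess file
# can switch display_errors back on with php_flag. php_admin_flag would pin the
# value; confirm nothing relies on overriding it before changing.
# NOTE(review): php_flag is provided by mod_php; presumably that module is
# loaded before this file is parsed. Verify against the image.
php_flag expose_php Off
php_flag display_errors Off
php_flag log_errors On

# Web root.
# Options is given without +/- prefixes, so FollowSymLinks is the only option
# set here and Indexes (directory listings) is not enabled by this block.
# AllowOverride All lets .htaccess files anywhere under /var/www/ change every
# overridable directive, including Options and the PHP flags above. Anything
# able to write files under this tree can therefore alter request handling, so
# keep the tree non-writable by the web server user where possible.
<Directory /var/www/>
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

# Alias for app assets (styles, fonts, etc.)
# Each target lies under /var/www/, so it also inherits the Options and
# AllowOverride settings of the web root block above.
Alias /app/styles /var/www/custom/styles
Alias /app/fonts /var/www/custom/fonts
Alias /app/default-styles /var/www/app/default/styles

# Explicit access grants for the aliased asset directories.
<Directory /var/www/custom/styles>
    Require all granted
</Directory>

<Directory /var/www/custom/fonts>
    Require all granted
</Directory>

<Directory /var/www/app/default/styles>
    Require all granted
</Directory>

# Enable mod_rewrite
# The negated IfModule loads the module only when it is not already loaded.
# The relative module path is resolved against ServerRoot.
<IfModule !mod_rewrite.c>
    LoadModule rewrite_module modules/mod_rewrite.so
</IfModule>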