[pastacode lang=”apacheconf” manual=”%0A%23Security%20Settings%20start%0A%23https%3A%2F%2Fsecurityheaders.io%2F%3Fq%3Dblog.fawcs.info%26hide%3Don%26followRedirects%3Don%0A%23HSTS-enabled%0AHeader%20always%20set%20Strict-Transport-Security%20%22max-age%3D31536000%3B%20includeSubDomains%3B%20pre%0A%23Content-Security-Policy%0AHeader%20always%20set%20Content-Security-Policy%20%22default-src%20https%3A%20data%3A%20’unsafe-inline’%20’%0A%23Public-Key-Pins%0A%0A%0A%23X-Frame-Options%0AHeader%20always%20set%20X-Frame-Options%20%22SAMEORIGIN%22%0A%23X-XSS-Protection%0AHeader%20always%20set%20X-Xss-Protection%20%221%3B%20mode%3Dblock%22%0A%23X-Content-Type-Options%0AHeader%20always%20set%20X-Content-Type-Options%20%22nosniff%22%0A%0ASSLProxyEngine%20on%0ASSLEngine%20on%0ASSLProtocol%20all%20-SSLv2%20-SSLv3%20-TLSv1%0ASSLHonorCipherOrder%20on%0ASSLCipherSuite%20%22EECDH%2BECDSA%2BAESGCM%20EECDH%2BaRSA%2BAESGCM%20EECDH%2BECDSA%2BSHA384%20EECDH%2BECDSA%2BS%20!3DES%20!MD5%20!EXP%20!PSK%20!SRP%20!DSS%22%0A%0A%23Custom%20Settings%0ATraceEnable%20off%0AServerSignature%20Off%0AServerTokens%20Prod%0A” message=”” highlight=”” provider=”manual”/]