投稿日:2021/04/19
GMOサーバーで確認。
https://securityheaders.com/
.htaccess
の最下部に下記を追加。
確認は下記サイトで行う。https://securityheaders.com/
<ifModule mod_headers.c>
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options SAMEORIGIN
Header always set X-Download-Options: noopen
Header always set X-Powered-By: ""
Header always set Referrer-Policy: no-referrer-when-downgrade
Header always set Content-Security-Policy "block-all-mixed-content"
Header always set Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()"
</ifModule>