#
# Apache Security Conf.
#
# Prevent CrossSite Tracing
TraceEnable Off
# Hide Apache Version
ServerTokens ProductOnly
ServerSignature off
# Hide Header X-Powered-By
Header always unset X-Powered-By
# Prepend Click-Jacking
Header append X-FRAME-OPTIONS "SAMEORIGIN"
# for IR^?E
Header set X-Content-Type-Options: "nosniff"
# Anti POODLE
SSLProtocol All -SSLv2 -SSLv3
# Prevent to access to SCM Dir.
Require all denied
Require all denied
Require all denied
Require all denied