Code Snippets

htaccess security lines (or httpd.conf) to protect your server in 2017 | apache

Those automated penetration testers tend to pick these up. They are probably worth putting in just in case. Be careful with the Strict-Transport-Security - read the docs first.

# prevent site being embedded in someone elses iframe
Header always set X-Frame-Options SAMEORIGIN

# supposedly aids XSS protection
Header set X-XSS-Protection "1; mode=block" 

# this one is tricky,  set the TTL to be one hour (3600) when you start as you can permanently cache the DNS
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

# secure cookies to HTTPS
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure

# make charset utf-8
AddDefaultCharset utf-8

Header set X-Content-Type-Options: nosniff

#disable indexing of folders
Options -Indexes

# disable access to another of these file extensions - globally
<FilesMatch "(?i)\.(phar|log|psd|sh|bat|json|htaccess|conf|config|csv|env|project|iml|babelrc|webapp|lock|md|git|gitignore|gitattributes|buildpath|cache|unused|bak|sublime-project|sublime-workspace)$">
 Deny from all
 #satisfy all

Published: Wed 27th December 2017
||COMMENTS|| This site proudly uses PrismJS to display code snippets

If you like this page, please share it.

Code Links - PHP, JS, CSS, Bootstrap, Bash, Emmet, IntelliJ, Sublime etc.

My personal list of links which I keep here publicly incase they help someone else one day.

Code Snippets

Snippets of PHP code I have gathered over the years. I keep them here for my own repository but also to share with others. I always link back when I remember the source.

My Github Repos

A work in progress. I am going to make as many modules that I write in my devbox public as possible.

Kit's Homepage

This site was originally intended as a test bed for code. It now includes my blog about business and powerlifting, as well as games for Spanish language learning

© 2018