h5bp/server-configs-apache

Issues

• Fallback with ExpiresDefault does not seem to include images

  #370 opened 2 months ago by creopard
  7

• Format `Content-Security-Policy` header directives

  #359 opened 3 months ago by dcog989
  4

• Add `ExpiresByType` for `audio/mp4` with `"access plus 1 year"`

  #360 opened 4 months ago by creopard
  3

• Add `Shared Brotli` and `Shared Zstandard` (zstd)

  #353 opened 10 months ago by summercms
  2

• Error with `Permissions-Policy` header: Unrecognized feature: `'document-domain'`

  #356 opened 9 months ago by bs-thomas
  1

• Add `Document Policy` to security section

  #343 opened a year ago by summercms
  2

• `Permissions-Policy` header for Google “Topics API”

  #340 opened a year ago by dmarti
  1

• Add build parameter to generate `.htaccess` without comments

  #329 opened 2 years ago by pauloxnet
  2

• Add note about `RewriteOptions Inherit`

  #337 opened a year ago by jamieburchell
  3

• Add `<IfModule http2_module>` for h2 protocol support

  #334 opened a year ago by jamieburchell
  9

• Remove `<IfModule>` from `Options -Indexes`

  #332 opened a year ago by bchr
  1

• Missing `<IfModule mod_authz_core.c>` block

  #331 opened a year ago by jamieburchell
  1

• `ServerTokens Prod` missing

  #330 opened a year ago by jamieburchell
  2

• Variable evaluation in build script

  #317 opened 2 years ago by nlemoine
  2

• Remove `image/avif-sequence` MIME type

  #313 opened 2 years ago by mathiasbynens
  6

• Question: mpm_winnt_module

  #312 opened 2 years ago by thpoiani
  3

• `DirectoryIndex` comment if pre-compressed content is enabled

  #309 opened 2 years ago by vatonbero
  4

• Missing version in custom `.htaccess` builds

  #308 opened 2 years ago by florianbouvot
  8

• SSL auto renewal blocked by www redirect

  #304 opened 2 years ago by mnakalay
  2

• Add MIME types for WebPackage

  #205 opened 2 years ago by Malvoz
  4

• Pre-compressed rewrite directives without `mod_rewrite` check

  #291 opened 2 years ago by DanielRuf
  2

• Feature request: video/mov in .htaccess?

  #296 opened 3 years ago by nijakobius
  4

• Correctly resolve path of build script

  #294 opened 3 years ago by tomkyle
  1

• Increase cache for images and fonts

  #289 opened 3 years ago by jamieburchell
  11

• Add `Permissions-Policy` directive to control FLoC

  #266 opened 3 years ago by doktorbro
  3

• Add `Cross-Origin-Embedder-Policy` and `Cross-Origin-Opener-Policy`

  #250 opened 3 years ago by summercms
  7

• SSL Session Cache can't be in virtualhost

  #264 opened 3 years ago by ObjectifMars
  2

• Please remove XSS protection

  #268 opened 3 years ago by szepeviktor
  1

• Drop support for Internet Explorer

  #210 opened 3 years ago by summercms
  2

• Release number vs. git describe

  #263 opened 3 years ago by tomkyle
  3

• Repo seems to allow host header attacks

  #262 opened 3 years ago by summercms
  10

• apache2 rename to apachectlone

  #261 opened 3 years ago by Srinivasa381224
  1

• Add MIME types for AVIF images

  #220 opened 4 years ago by mathiasbynens
  1

• Brotli adds "content-language: br"

  #248 opened 4 years ago by nlemoine
  2

• Question about the license

  #236 opened 4 years ago by julianpoemp
  2

• Centos8 requires DSO from conf.modules.d

  #234 opened 4 years ago by zishanj
  10

• No apache2 in /usr/local

  #233 opened 4 years ago by ethanbeyer
  4

• Forcing HTTPS

  #232 opened 4 years ago by ethanbeyer
  2

• `Expect-CT` header

  #222 opened 4 years ago by LeoColomb
  3

• Incorrect location for in-place configuration files

  #218 opened 4 years ago by otherjoel
  6

• Non-existent `modules` subfolder

  #219 opened 4 years ago by otherjoel
  1

• Missing h5bp folder?

  #216 opened 4 years ago by otherjoel
  2

• Wrong IfModule directive in line 29 of ssl_engine.conf

  #214 opened 4 years ago by lourdas
  1

• Error: envclause should be in the form env=envar

  #213 opened 4 years ago by leek
  4

• MIME type ('text/html') is not executable

  #212 opened 4 years ago
  0

• Why do we need <Directory> inside <Virtualhost>?

  #211 opened 4 years ago by fazliddin
  4

• X-Frame-Options don't mention anything about CSP

  #208 opened 4 years ago by summercms
  5

• Add an example combining X-XSS-Protection with Reporting API

  #209 opened 4 years ago by summercms
  3

• Question: Why is the Brotli algorithm not added on this code line?

  #207 opened 4 years ago by summercms
  2

• Deal better with the abuse of hidden the “well-known” directory on HTTPS sites

  #206 opened 4 years ago by summercms
  4