Dino Geek, try to help you

How to add HTTP headers via `.htaccess`?


To add HTTP headers via `.htaccess`, you need to use the Apache module `mod_headers`. This module provides directives to control and manipulate HTTP headers. Below are the steps and examples of how to add headers using `.htaccess`.

  1. Steps to Add HTTP Headers via .htaccess

1. Ensure `mod_headers` is enabled: First and foremost, you need to ensure that the `mod_headers` module is enabled on your Apache server. You can usually enable it via the command: \`\`\` sudo a2enmod headers sudo service apache2 restart \`\`\` If you’re on a shared hosting environment, you may need to check with your hosting provider to ensure this module is enabled.

1. Modify the `.htaccess` file: You can add the necessary directives to your `.htaccess` file located in the root directory of your website.

  1. Examples of Adding HTTP Headers

Here are a few common examples of adding HTTP headers via the `.htaccess` file:

1. Add a Content Security Policy (CSP) Header: \`\`\` Header set Content-Security-Policy “default-src ‘self’; script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’;“ \`\`\` This example sets a Content Security Policy that restricts resources to the same origin and allows inline scripts and evaluations.

1. Add an X-Content-Type-Options Header: \`\`\` Header set X-Content-Type-Options “nosniff“ \`\`\` This header helps to prevent MIME type sniffing, enhancing the security of your site by ensuring browsers follow the MIME types specified.

1. Add an X-Frame-Options Header: \`\`\` Header set X-Frame-Options “DENY \`\`\` This header makes sure that your site cannot be embedded into iframes, protecting against clickjacking attacks.

1. Add Cache-Control Headers: \`\`\` Header set Cache-Control “max-age=31536000, public“ \`\`\` This directive sets a long-term cache for HTML, JavaScript, and CSS files, enhancing performance by reducing the number of requests to the server.

  1. Sources

- Apache Module Documentation: The [mod_headers module documentation](https://httpd.apache.org/docs/current/mod/mod_headers.html) provides detailed information about the usage of different directives to manipulate HTTP headers.
- Mozilla Developer Network (MDN): The [HTTP headers documentation on MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers) offers comprehensive descriptions and best practices for using various HTTP headers.

By following these steps and examples, you can effectively control and manipulate HTTP headers via the `.htaccess` file to enhance the security, performance, and behavior of your website.


Simply generate articles to optimize your SEO
Simply generate articles to optimize your SEO





DinoGeek offers simple articles on complex technologies

Would you like to be quoted in this article? It's very simple, contact us at dino@eiki.fr

CSS | NodeJS | DNS | DMARC | MAPI | NNTP | htaccess | PHP | HTTPS | Drupal | WEB3 | LLM | Wordpress | TLD | Domain name | IMAP | TCP | NFT | MariaDB | FTP | Zigbee | NMAP | SNMP | SEO | E-Mail | LXC | HTTP | MangoDB | SFTP | RAG | SSH | HTML | ChatGPT API | OSPF | JavaScript | Docker | OpenVZ | ChatGPT | VPS | ZIMBRA | SPF | UDP | Joomla | IPV6 | BGP | Django | Reactjs | DKIM | VMWare | RSYNC | Python | TFTP | Webdav | FAAS | Apache | IPV4 | LDAP | POP3 | SMTP

| Whispers of love (API) | Déclaration d'Amour |






Legal Notice / General Conditions of Use