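- # HTTPS virtual host for mastodon.hoge: response security headers plus the TLS policy.
- <VirtualHost *:443>
- ServerName mastodon.hoge
- # NOTE(review): `Header add` appends a header line. If the application behind this
- # vhost also sends any of these headers, clients receive them twice. Without the
- # `always` condition the headers are also left off error responses.
- # HSTS: one year, covers all subdomains. `preload` only takes effect once the domain is
- # submitted to a browser preload list, and every subdomain must then be served over HTTPS.
- Header add Strict-Transport-Security "max-age=31536000 ; includeSubdomains ; Preload "
- Header add X-Content-Type-Options nosniff
- # NOTE(review): "unsafe-url" sends the full URL (path and query string) as the referrer
- # to every destination, including cross-origin and plain-HTTP ones. Confirm this is
- # intended; "same-origin" or "strict-origin-when-cross-origin" keep paths and any
- # tokens carried in URLs from reaching third parties.
- Header add Referrer-Policy "unsafe-url"
- Header add Content-Security-Policy "frame-ancestors 'none'; object-src 'none'; script-src 'self'; base-uri 'none'"
- SSLEngine on
- # Use the server's cipher preference order rather than the client's.
- SSLHonorCipherOrder on
- # TLS 1.0 and 1.1 are deprecated (RFC 8996), so only TLS 1.2 is accepted here.
- # Add +TLSv1.3 where the installed httpd/OpenSSL build supports it.
- SSLProtocol -All +TLSv1.2
- # MEDIUM removed: it is OpenSSL's class for weaker legacy suites (exact members depend
- # on the OpenSSL version). HIGH still covers the AES-based suites TLS 1.2 clients offer.
- SSLCipherSuite HIGH:!aNULL:!MD5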