Show comments in the .htaccess?
Allow cross-origin requests
Allow cross-origin images
Allow cross-origin web fonts
Allow Cross-origin resource timing
Render pages in the highest IE-mode?
Allow IFrame cookies?
Serve resources with the proper media types (f.k.a. MIME types)?
Serve `text/html` or `text/plain` with charset `UTF-8`?
Serve data interchange file types with charset `UTF-8`?
Enable compression?
Enable content transformation
Enable file concatenation?
Enable filename-based cache busting
Enable expires headers?
Expires Default
Type
Expire time value
Expire time
Disable the pattern matching based on filenames.
Enable Clickjacking-Protection?
Content Security Policy (CSP) - Please use CSP Builder
No access to directories without default document?
Block access to hidden files and directories (e.g. .git) except `/.well-known/` hidden directory.
Block access to files that can expose sensitive information?
Enable HTTP Strict Transport Security (HSTS)?
Reduce MIME type security risks?
Re-enable (XSS) filter
Remove the `X-Powered-By` response header?
Show server software information?