Options FollowSymLinks AllowOverride All Require all granted RemoveType .html .htm AddType text/html .html AddType text/html .htm RemoveType .svg .svgz AddType image/svg+xml .svg AddType image/svg+xml .svgz #Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'; img-src * data:; font-src 'self' data:;" DocumentRoot /var/www/html # ServerName typo3.localhost UseCanonicalName On # ServerAlias altogether.at # RewriteEngine on # RewriteCond %{HTTP_HOST} ^altogether\.at$ [NC] # RewriteCond %{HTTP_HOST} !^www\. [NC] # RewriteRule ^(.*)$ https://www.%1altogether.at%{REQUEST_URI} [R=301,L] # Header always set Content-Security-Policy "default-src 'self'; font-src *;img-src *; script-src 'none'; style-src 'unsafe-inline' *; connect-src 'self'" # Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'; img-src * data:; font-src 'self' data:;" DocumentRoot /var/www/html # ServerName typo3.localhost # ServerName localhost UseCanonicalName On # ServerAlias altogether.at # SSLEngine on # SSLOptions +StrictRequire # SSLCertificateFile /etc/ssl/certs/typo3.localhost.crt # SSLCertificateKeyFile /etc/ssl/typo3.localhost.key # SSLCertificateChainFile /etc/ssl/typo3.localhost.csr # Header always set Content-Security-Policy "default-src 'self'; font-src *;img-src *; script-src 'none'; style-src 'unsafe-inline' *; connect-src 'self'" # Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'; img-src * data:; font-src 'self' data:;"