<IfModule autoindex>
  IndexIgnore *
</IfModule>

Header always set X-Content-Type-Options "nosniff"

Header set X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"

Header set Cache-Control "no-cache, no-store, must-revalidate" 	
Header set Pragma "no-cache" 	
Header set Expires 0

Header always edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=Strict
#Header always edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) 
RewriteRule .* - [F]

<Files ~ "\.(env|json|xml|config|config.js|md|gitignore|gitattributes|lock|example|phpunit.xml|web.config)$">
    Order allow,deny
    Deny from all
</Files>
<IfModule mod_reqtimeout.c>  
  #RequestReadTimeout header=10-20,MinRate=500 body=10-20,MinRate=500
</IfModule>
#RequestReadTimeout header=15 body=30
#RequestReadTimeout header=10-20,MinRate=500 body=10-20,MinRate=500
