ServerName nursesgrouphomecare.co.uk ServerAlias www.nursesgrouphomecare.co.uk ServerAdmin webmaster@localhost DocumentRoot /var/www/homecare ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Include /etc/letsencrypt/options-ssl-apache.conf Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" Header always set X-Frame-Options "DENY" Header always set X-XSS-Protection "1; mode=block" Header always set X-Content-Type-Options "nosniff" Header set Referrer-Policy "strict-origin-when-cross-origin" Header set Permissions-Policy "microphone=(), camera=(), fullscreen=(self)" #Header set Content-Security-Policy "default-src 'self'; script-src 'self' https://www.google.com https://www.gstatic.com https://www.recaptcha.net; object-src 'none'; base-uri 'self';" Header set Access-Control-Allow-Origin "https://nursesgrouphomecare.co.uk" Header set Access-Control-Allow-Methods "GET, POST, OPTIONS" Header set Access-Control-Allow-Headers "Content-Type, Authorization" SSLCertificateFile /etc/letsencrypt/live/nursesgrouphomecare.co.uk/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/nursesgrouphomecare.co.uk/privkey.pem