From 38ddc33afc333952cfafa864425972a8574e0ff6 Mon Sep 17 00:00:00 2001
From: Wolfyshy LeLoupe <wolfyshy@outlook.com>
Date: Wed, 3 May 2017 19:28:56 -0500
Subject: [PATCH] Update Apache configuration a bit

This is the configuration we use on https://generous.horse and it includes the Cache-Control and Referrer-Policy headers.
---
 Running-Mastodon/Alternatives.md | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/Running-Mastodon/Alternatives.md b/Running-Mastodon/Alternatives.md
index 68f6b5bb..bf5e2e1d 100644
--- a/Running-Mastodon/Alternatives.md
+++ b/Running-Mastodon/Alternatives.md
@@ -191,15 +191,26 @@ Setting up Mastodon behind Apache is possible as well, although you will need to
 
    DocumentRoot /home/mastodon/live/public/
 
-   Header add Strict-Transport-Security "max-age=31536000"
+   Header always set Referrer-Policy "strict-origin-when-cross-origin"
+   Header always set Strict-Transport-Security "max-age=31536000"
+
    SSLEngine on
    SSLProtocol -all +TLSv1.2
    SSLHonorCipherOrder on
    SSLCipherSuite EECDH+AESGCM:AES256+EECDH:AES128+EECDH
+   SSLCompression off
+   SSLSessionTickets off
+   SSLStaplingResponderTimeout 5
+   SSLStaplingReturnResponderErrors off
+   SSLUseStapling on
 
    SSLCertificateFile example.pem
    SSLCertificateKeyFile example.key
 
+   <Location /assets>
+      Header always set Cache-Control "public, max-age=31536000, immutable"
+   </Location>
+
    ProxyPreserveHost On
    RequestHeader set X-Forwarded-Proto "https"
    ProxyPass /500.html !