# --- START: SIMPLE & SAFE SECURITY HEADERS ---

<IfModule mod_headers.c>
    # Prevents browsers from guessing content types
    Header set X-Content-Type-Options "nosniff"

    # Prevents your site from being loaded in an iframe on other domains
    Header set X-Frame-Options "SAMEORIGIN"

    # Controls how much referrer information is sent
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# --- END: SIMPLE & SAFE SECURITY HEADERS ---