'' CENTOS HTTPD CONF''
Options -Indexes -ExecCGI -FollowSymLinks
AllowOverride none
Require all denied
#Options -Indexes -ExecCGI -Include -FollowSymLinkss
Options -Indexes -ExecCGI -FollowSymLinks
AllowOverride None
# Allow open access:
Require all granted
Options FollowSymLinks
Options -Indexes -ExecCGI -Includes
AllowOverride None
Require all granted
At the end before last line
ServerSignature Off
ServerTokens Prod
FileETag None
Header append X-FRAME-OPTIONS "SAMEORIGIN"
Header set X-XSS-Protection "1; mode=block"
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
Also HASH info and userdir module in the following file
/etc/httpd/conf.modules.d/00-base.conf