'' CENTOS HTTPD CONF'' 

<Directory />
    Options -Indexes -ExecCGI -FollowSymLinks
    AllowOverride none
    Require all denied
</Directory>

<Directory "/var/www">
    #Options -Indexes -ExecCGI -Include -FollowSymLinkss
    Options -Indexes -ExecCGI -FollowSymLinks
    AllowOverride None
    # Allow open access:
    Require all granted
</Directory>


<Directory "/var/www/html">
    
    Options FollowSymLinks
    Options -Indexes -ExecCGI -Includes

    AllowOverride None
    Require all granted
</Directory>

At the end before last line


ServerSignature Off
ServerTokens Prod
FileETag None
Header append X-FRAME-OPTIONS "SAMEORIGIN"
<IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
</IfModule>


Also HASH info and userdir module in the following file

/etc/httpd/conf.modules.d/00-base.conf