From 8b823276d45048e7d319ada3aaa2a8f6f5a65973 Mon Sep 17 00:00:00 2001
From: samuel-p <codes@samuel-philipp.de>
Date: Wed, 18 Dec 2019 21:44:37 +0100
Subject: [PATCH] removed .htaccess updated README.md

---
 README.md     | 16 +++++++++++++++-
 src/.htaccess |  6 ------
 2 files changed, 15 insertions(+), 7 deletions(-)
 delete mode 100644 src/.htaccess

diff --git a/README.md b/README.md
index cc7668d..04e7799 100644
--- a/README.md
+++ b/README.md
@@ -5,4 +5,18 @@
 Website for samuel-philipp.de
 
 [GitHub](https://github.com/samuel-p/samuel-philipp.de)
-[GitLab](https://gitlab.com/samuel-p/samuel-philipp.de)
\ No newline at end of file
+[GitLab](https://gitlab.com/samuel-p/samuel-philipp.de)
+
+## Additional Header Parameters
+
+The following Parameters are set directly on the Web-Server.
+
+```
+Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'
+Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
+X-Content-Type-Options: nosniff
+X-Frame-Options: DENY
+X-XSS-Protection: 1; mode=block
+```
+
+There is also a `301` Redirect from http to https.
\ No newline at end of file
diff --git a/src/.htaccess b/src/.htaccess
deleted file mode 100644
index 1220650..0000000
--- a/src/.htaccess
+++ /dev/null
@@ -1,6 +0,0 @@
-RewriteEngine On
-
-Header always set "Content-Security-Policy" "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'"
-
-RewriteCond %{HTTPS} off
-RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]