Options -Indexes
AllowOverride All
ServerSignature Off
ServerTokens Prod
/etc/php5/apache2/php.ini
, cambiar estas dos variables a true:session.cookie_httponly = True session.cookie_secure = True
/etc/apache2/mods-enabled/headers.load
:Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
$ sudo apt-get install libapache2-mod-security $ sudo a2enmod mod-security $ sudo /etc/init.d/apache2 force-reload
User = ${VARIABLE}
VARIABLE="apache"