Untitled

<VirtualHost *:80>
        ServerName www.test.nl
        ServerAdmin ok@test.nl
        DocumentRoot /home/getij/stage2/public_html
        ErrorDocument 500 /error.cfm
        ErrorDocument 404 /error.cfm
        ErrorDocument 403 /error.cfm
        # Anti XSS protection
        Options +FollowSymLinks
        Header set X-XSS-Protection "1; mode=block"
        RewriteEngine On
        RewriteCond %{QUERY_STRING} (\|%3E) [NC,OR]
        RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
        RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
        RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
        RewriteCond %{QUERY_STRING} .*src=.* [NC,OR]
        RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [NC,OR]
        RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [NC,OR]
        RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR]
        RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
        RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
        RewriteCond %{QUERY_STRING} \.\./\.\. [OR]
        RewriteCond %{QUERY_STRING} (sp_executesql) [NC,OR]
        RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
        RewriteCond %{REQUEST_URI} (\<|%3C).*script.*(\>|%3E) [NC,OR]
        RewriteCond %{REQUEST_URI} onmouseover [NC]
        RewriteRule .* - [F]
        RewriteCond %{REQUEST_METHOD} ^TRACE
        RewriteRule .* - [F]
        RewriteCond %{REQUEST_METHOD} ^TRACK
        RewriteRule .* - [F]
        # End of Anti XSS protection
        # Miscellaneous security enhancements
        Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
        Header append X-FRAME-OPTIONS "SAMEORIGIN"
        FileETag None
        # End of miscellaneous security enhancements
        <Directory /home/getij/stage2/public_html>
                Options MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
        <Directory "/home/getij/stage2/public_html/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews
        </Directory>
        # Outlook Gadget
        ScriptAlias /outlookgadget/scripts/ "/home/gadget/stage2/public_html/scripts/"
        Alias /outlookgadget "/home/gadget/stage2/public_html"
        # Getij
        ScriptAlias /getij/cgi-bin/ "/home/getij/stage2/public_html/cgi-bin/"
        Alias /getij/ "/home/getij/stage2/public_html/"
        ScriptAlias /wsgetij/cgi-bin/ "/home/getij/stage2/webservice/cgi-bin/"
        Alias /wsgetij/ "/home/getij/stage2/webservice/"
        <Directory "/home/getij/stage2/webservice/cgi-bin">
                Options FollowSymLinks
                AllowOverride None
                Options +ExecCGI -MultiViews
        </Directory>
        ErrorLog /var/log/httpd/getij.error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        CustomLog /var/log/httpd/getij.access.log combined
        ServerSignature Off
</VirtualHost>