alwisp/docker/apache/000-default.conf

<VirtualHost *:80>
    ServerAdmin webmaster@alwisp.net
    DocumentRoot /var/www/html

    <Directory /var/www/html>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    # Security headers
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"

    # Compression
    <IfModule mod_deflate.c>
        AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript application/json
    </IfModule>

    # Cache static assets
    <IfModule mod_expires.c>
        ExpiresActive On
        ExpiresByType image/jpeg "access plus 1 month"
        ExpiresByType image/png  "access plus 1 month"
        ExpiresByType image/webp "access plus 1 month"
        ExpiresByType image/svg+xml "access plus 1 month"
        ExpiresByType text/css  "access plus 1 week"
        ExpiresByType application/javascript "access plus 1 week"
    </IfModule>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>