GaryJones · February 4, 2012 03:05
diff --git a/.htaccess b/.htaccess
 # Increase the memory usage.
 # If you get an error after adding this, try 64M or 32M instead.
 php_value memory_limit "128M"

 # Add syntax highlighting
 AddType application/x-httpd-php-source .phps

 # JavaScript
 #   Normalize to standard type (it's sniffed in IE anyways)
 #   tools.ietf.org/html/rfc4329#section-7.2
 AddType application/javascript              js

 # Audio
 AddType audio/ogg                           oga ogg
 AddType audio/mp4                           m4a

 # Video
 AddType video/ogg                           ogv
 AddType video/mp4                           mp4 m4v
 AddType video/webm                          webm

 # SVG
 #   Required for svg webfonts on iPad
 #   twitter.com/FontSquirrel/status/14855840545
 AddType     image/svg+xml                   svg svgz
 AddEncoding gzip                            svgz

 # Webfonts
 AddType application/vnd.ms-fontobject       eot
 AddType application/x-font-ttf              ttf ttc
 AddType font/opentype                       otf
 AddType application/x-font-woff             woff

 # Assorted types
 AddType image/x-icon                        ico
 AddType image/webp                          webp
 AddType text/cache-manifest                 appcache manifest
 AddType text/x-component                    htc
 AddType application/x-chrome-extension      crx
 AddType application/x-opera-extension       oex
 AddType application/x-xpinstall             xpi
 AddType application/octet-stream            safariextz
 AddType application/x-web-app-manifest+json webapp
 AddType text/x-vcard                        vcf

 # Use UTF-8 encoding for anything served text/plain or text/html
 AddDefaultCharset utf-8

 # Force UTF-8 for a number of file formats
 AddCharset utf-8 .css .js .xml .json .rss .atom

 # BEGIN Block directory browsing
 <IfModule mod_autoindex.c>
  Options -Indexes
 </IfModule>
 # END Block directory browsing

 # Don't allow access to .htaccess
 <Files .htaccess>
 deny from all
 </Files>
 IndexIgnore .htaccess */.??*

 # Default Language
 DefaultLanguage en-GB

 # BEGIN Enable Gzip
 # Best and easiest form of optimisation - sacrifice CPU cycles to encode for much smaller data transfer - well worth it.
 # Don't gzip images - they are already compressed.
 # For even more benefit, write alphabetical CSS key:value pairs and HTML attributes! (Google saved about 1.5% data transfer by doing this)
 <IfModule mod_deflate.c>
  <IfModule mod_setenvif.c>
  
    # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
    <IfModule mod_headers.c>
      SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
      RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
    </IfModule>
    
      BrowserMatch ^Mozilla/4 gzip-only-text/html
      BrowserMatch ^Mozilla/4\.0[678] no-gzip
      BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
      BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
  </IfModule>
  <IfModule mod_headers.c>
      Header append Vary User-Agent env=!dont-vary
  </IfModule>
  AddOutputFilterByType DEFLATE text/css application/javascript text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml
  <FilesMatch "\.(ttf|otf|eot|svg)$" >
    SetOutputFilter DEFLATE
  </FilesMatch>
 </IfModule>
 # END Enable Gzip

 # BEGIN Expire headers
 # Makes cached files stay cached for longer (304 Not modified) = fewer 200 responses.
 # Aim for at least 1 month for images, ideally a year (not longer - that'll break RFC specs)
 <IfModule mod_expires.c>
  ExpiresActive On
  ExpiresDefault                              "access plus 1 month"
  ExpiresByType image/*                       "access plus 1 year"
  ExpiresByType video/*                       "access plus 1 year"
  ExpiresByType application/x-shockwave-flash "access plus 1 year"
  ExpiresByType text/css                      "access plus 1 year"
  ExpiresByType application/javascript        "access plus 1 year"
  ExpiresByType application/x-font-ttf        "access plus 2 months"
  ExpiresByType font/opentype                 "access plus 2 months"
  ExpiresByType application/x-font-woff       "access plus 2 months"
  ExpiresByType image/svg+xml                 "access plus 2 months"
  ExpiresByType application/vnd.ms-fontobject "access plus 2 months"
  ExpiresByType text/x-component              "access plus 2 months"
  ExpiresByType application/rss+xml           "access plus 1 hour"
  ExpiresByType application/atom+xml          "access plus 1 hour"
  ExpiresByType text/html                     "access plus 1 hour"
  ExpiresByType application/xhtml+xml         "access plus 1 hour"
  ExpiresByType text/cache-manifest           "access plus 0 seconds"
  ExpiresByType text/xml                      "access plus 0 seconds"
  ExpiresByType application/xml               "access plus 0 seconds"
  ExpiresByType application/json              "access plus 0 seconds"
 </IfModule>
 # END Expire headers

 # BEGIN Cache-Control Headers
 # Only using the private/public values here - not max-age (Expires headers cover the same thing, and are more widely supported)
 <IfModule mod_headers.c>
  <FilesMatch "\\.(ico|pdf|flv|jpe?g|png|gif|swf|js|css|mp3|mp4|woff|eot|ttf)$">
    Header set Cache-Control "public"
  </FilesMatch>
  <FilesMatch "\\.(x?html?|txt|xml|xsl|php)$">
    Header set Cache-Control "private, must-revalidate"
  </FilesMatch>
 </IfModule>
 # END Cache-Control Headers

 # BEGIN Turn ETags Off
 # Inherently misconfigured, especially for server clusters
 <IfModule mod_headers.c>
  Header unset ETag
 </IfModule>
 FileETag None
 # END Turn ETags Off

 # BEGIN Remove Last-Modified Header
 # We're using Expires header to check for freshness, so save bytes by not returning this header.
 <IfModule mod_headers.c>
  Header unset Last-Modified
 </IfModule>
 # END Remove Last-Modified Header

 # BEGIN Better IE experience
 # Force latest IE version, use ChromeFrame if available.
 <IfModule mod_headers.c>
  Header set X-UA-Compatible "IE=Edge,chrome=1"
  # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
  <FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
    Header unset X-UA-Compatible
  </FilesMatch>
 </IfModule>
 # END Better IE Experience

 # BEGIN Image WordPress Media Upload HTTP Error Fix
 <IfModule mod_security.c>
  <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
  </Files>
 </IfModule>
 <IfModule security_module>
  <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
  </Files>
 </IfModule>
 <IfModule security2_module>
  <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
  </Files>
 </IfModule>
 # END Image WordPress Upload HTTP Error Fix
	# Increase the memory usage.
	# If you get an error after adding this, try 64M or 32M instead.
	php_value memory_limit "128M"

	# Add syntax highlighting
	AddType application/x-httpd-php-source .phps

	# JavaScript
	# Normalize to standard type (it's sniffed in IE anyways)
	# tools.ietf.org/html/rfc4329#section-7.2
	AddType application/javascript js

	# Audio
	AddType audio/ogg oga ogg
	AddType audio/mp4 m4a

	# Video
	AddType video/ogg ogv
	AddType video/mp4 mp4 m4v
	AddType video/webm webm

	# SVG
	# Required for svg webfonts on iPad
	# twitter.com/FontSquirrel/status/14855840545
	AddType image/svg+xml svg svgz
	AddEncoding gzip svgz

	# Webfonts
	AddType application/vnd.ms-fontobject eot
	AddType application/x-font-ttf ttf ttc
	AddType font/opentype otf
	AddType application/x-font-woff woff

	# Assorted types
	AddType image/x-icon ico
	AddType image/webp webp
	AddType text/cache-manifest appcache manifest
	AddType text/x-component htc
	AddType application/x-chrome-extension crx
	AddType application/x-opera-extension oex
	AddType application/x-xpinstall xpi
	AddType application/octet-stream safariextz
	AddType application/x-web-app-manifest+json webapp
	AddType text/x-vcard vcf

	# Use UTF-8 encoding for anything served text/plain or text/html
	AddDefaultCharset utf-8

	# Force UTF-8 for a number of file formats
	AddCharset utf-8 .css .js .xml .json .rss .atom

	# BEGIN Block directory browsing
	<IfModule mod_autoindex.c>
	Options -Indexes
	</IfModule>
	# END Block directory browsing

	# Don't allow access to .htaccess
	<Files .htaccess>
	deny from all
	</Files>
	IndexIgnore .htaccess /.??

	# Default Language
	DefaultLanguage en-GB

	# BEGIN Enable Gzip
	# Best and easiest form of optimisation - sacrifice CPU cycles to encode for much smaller data transfer - well worth it.
	# Don't gzip images - they are already compressed.
	# For even more benefit, write alphabetical CSS key:value pairs and HTML attributes! (Google saved about 1.5% data transfer by doing this)
	<IfModule mod_deflate.c>
	<IfModule mod_setenvif.c>

	# Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
	<IfModule mod_headers.c>
	SetEnvIfNoCase ^(Accept-EncodXng\|X-cept-Encoding\|X{15}\|~{15}\|-{15})$ ^((gzip\|deflate)\s,?\s)+\|[X~-]{4,13}$ HAVE_Accept-Encoding
	RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
	</IfModule>

	BrowserMatch ^Mozilla/4 gzip-only-text/html
	BrowserMatch ^Mozilla/4\.0[678] no-gzip
	BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
	BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
	</IfModule>
	<IfModule mod_headers.c>
	Header append Vary User-Agent env=!dont-vary
	</IfModule>
	AddOutputFilterByType DEFLATE text/css application/javascript text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml
	<FilesMatch "\.(ttf\|otf\|eot\|svg)$" >
	SetOutputFilter DEFLATE
	</FilesMatch>
	</IfModule>
	# END Enable Gzip

	# BEGIN Expire headers
	# Makes cached files stay cached for longer (304 Not modified) = fewer 200 responses.
	# Aim for at least 1 month for images, ideally a year (not longer - that'll break RFC specs)
	<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresDefault "access plus 1 month"
	ExpiresByType image/* "access plus 1 year"
	ExpiresByType video/* "access plus 1 year"
	ExpiresByType application/x-shockwave-flash "access plus 1 year"
	ExpiresByType text/css "access plus 1 year"
	ExpiresByType application/javascript "access plus 1 year"
	ExpiresByType application/x-font-ttf "access plus 2 months"
	ExpiresByType font/opentype "access plus 2 months"
	ExpiresByType application/x-font-woff "access plus 2 months"
	ExpiresByType image/svg+xml "access plus 2 months"
	ExpiresByType application/vnd.ms-fontobject "access plus 2 months"
	ExpiresByType text/x-component "access plus 2 months"
	ExpiresByType application/rss+xml "access plus 1 hour"
	ExpiresByType application/atom+xml "access plus 1 hour"
	ExpiresByType text/html "access plus 1 hour"
	ExpiresByType application/xhtml+xml "access plus 1 hour"
	ExpiresByType text/cache-manifest "access plus 0 seconds"
	ExpiresByType text/xml "access plus 0 seconds"
	ExpiresByType application/xml "access plus 0 seconds"
	ExpiresByType application/json "access plus 0 seconds"
	</IfModule>
	# END Expire headers

	# BEGIN Cache-Control Headers
	# Only using the private/public values here - not max-age (Expires headers cover the same thing, and are more widely supported)
	<IfModule mod_headers.c>
	<FilesMatch "\\.(ico\|pdf\|flv\|jpe?g\|png\|gif\|swf\|js\|css\|mp3\|mp4\|woff\|eot\|ttf)$">
	Header set Cache-Control "public"
	</FilesMatch>
	<FilesMatch "\\.(x?html?\|txt\|xml\|xsl\|php)$">
	Header set Cache-Control "private, must-revalidate"
	</FilesMatch>
	</IfModule>
	# END Cache-Control Headers

	# BEGIN Turn ETags Off
	# Inherently misconfigured, especially for server clusters
	<IfModule mod_headers.c>
	Header unset ETag
	</IfModule>
	FileETag None
	# END Turn ETags Off

	# BEGIN Remove Last-Modified Header
	# We're using Expires header to check for freshness, so save bytes by not returning this header.
	<IfModule mod_headers.c>
	Header unset Last-Modified
	</IfModule>
	# END Remove Last-Modified Header

	# BEGIN Better IE experience
	# Force latest IE version, use ChromeFrame if available.
	<IfModule mod_headers.c>
	Header set X-UA-Compatible "IE=Edge,chrome=1"
	# mod_headers can't match by content-type, but we don't want to send this header on everything...
	<FilesMatch "\.(js\|css\|gif\|png\|jpe?g\|pdf\|xml\|oga\|ogg\|m4a\|ogv\|mp4\|m4v\|webm\|svg\|svgz\|eot\|ttf\|otf\|woff\|ico\|webp\|appcache\|manifest\|htc\|crx\|oex\|xpi\|safariextz\|vcf)$" >
	Header unset X-UA-Compatible
	</FilesMatch>
	</IfModule>
	# END Better IE Experience

	# BEGIN Image WordPress Media Upload HTTP Error Fix
	<IfModule mod_security.c>
	<Files async-upload.php>
	SecFilterEngine Off
	SecFilterScanPOST Off
	</Files>
	</IfModule>
	<IfModule security_module>
	<Files async-upload.php>
	SecFilterEngine Off
	SecFilterScanPOST Off
	</Files>
	</IfModule>
	<IfModule security2_module>
	<Files async-upload.php>
	SecFilterEngine Off
	SecFilterScanPOST Off
	</Files>
	</IfModule>
	# END Image WordPress Upload HTTP Error Fix