-
-
Save QusaiFarraj/67ca96668809fc031c9878b80415d31c to your computer and use it in GitHub Desktop.
All sorts of .htaccess fixes, redirects and security related settings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Front Controller rewrite | |
RewriteEngine on | |
RewriteBase / | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteRule ^.*$ index.php [L,NC] | |
# Ensure we are using HTTPS | |
RewriteCond %{HTTPS} !on | |
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] | |
# Ensure all URLs have a trailing slash. | |
RewriteBase / | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_URI} !(.*)/$ | |
RewriteRule ^(.*)$ http://www.example.com/$1/ [L,R=301] | |
#Apache Standard Settings | |
ServerSignature Off | |
#PHP Standard Settings | |
php_value display_errors 0 | |
php_value display_startup_errors 0 | |
php_value expose_php Off | |
#Standard Conanical fixes | |
RewriteEngine on | |
RewriteCond %{HTTP_HOST} ^domain.tld | |
RewriteRule (.*) http://www.domain.tld/$1 [R=301,L] | |
RewriteRule ^index.php$ http://www.domain.tld/ [R=301] | |
RewriteRule ^index.html$ http://www.domain.tld/ [R=301] | |
#Subdirectory as root redirect | |
RewriteEngine On | |
RewriteCond %{HTTP_HOST} ^(www.)?domain.tld$ | |
RewriteRule ^(/)?$ folder [L] | |
# Temp maintenence with a whitelisted IP | |
#Options +FollowSymlinks | |
#RewriteEngine on | |
#RewriteCond %{REQUEST_URI} !/maintenancePage.php$ | |
#RewriteCond %{REMOTE_HOST} !^000\.000\.000\.000 | |
#RewriteRule $ /maintenanc0Pagee.php [R=302,L] | |
#301 Marketing forward | |
Redirect permanent /shortcut http://www.domain.tld/file.php [R=301,L] | |
#301 Page Moved | |
Redirect permanent /newpage.php http://www.domain.tld/oldpage.php [R=301,L] | |
#404 Page Not Found Redirect | |
ErrorDocument 404 /page_not_found.ext | |
# Apache Example Caching | |
<IfModule mod_expires.c> | |
ExpiresActive On | |
ExpiresByType image/gif "access plus 1 week" | |
ExpiresByType image/jpeg "access plus 1 week" | |
ExpiresByType image/png "access plus 1 week" | |
ExpiresByType text/css "access plus 1 week" | |
ExpiresByType text/javascript "access plus 1 week" | |
ExpiresByType application/javascript "access plus 1 week" | |
ExpiresByType application/x-javascript "access plus 1 week" | |
AddType image/vnd.microsoft.icon .ico | |
ExpiresByType image/vnd.microsoft.icon "access plus 3 months" | |
</IfModule> | |
#Apache Example GZIP compression | |
<IfModule mod_expires.c> | |
AddOutputFilterByType DEFLATE text/plain | |
AddOutputFilterByType DEFLATE text/html | |
AddOutputFilterByType DEFLATE text/xml | |
AddOutputFilterByType DEFLATE text/css | |
AddOutputFilterByType DEFLATE text/javascript | |
AddOutputFilterByType DEFLATE application/xml | |
AddOutputFilterByType DEFLATE application/xhtml+xml | |
AddOutputFilterByType DEFLATE application/rss+xml | |
AddOutputFilterByType DEFLATE application/javascript | |
AddOutputFilterByType DEFLATE application/x-javascript | |
</IfModule> | |
#Disable ETag | |
FileETag none | |
#Block php includes from user download | |
<Files ~ "\.inc\.php$"> | |
order allow,deny | |
deny from all | |
</Files> | |
#PHP Settings | |
php_value display_errors 0 | |
php_value display_startup_errors 0 | |
php_value expose_php Off | |
#Apache Settings | |
ServerSignature Off | |
AcceptPathInfo off | |
FileETag none | |
#404 Redirect | |
ErrorDocument 404 /page_not_found.php | |
#Block includes from user download | |
<Files ~ "\.inc\.php$"> | |
order allow,deny | |
deny from all | |
</Files> | |
#keep at bottom of file - loads /pagename.php into requests for /pagename | |
Options +FollowSymlinks | |
RewriteEngine On | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteRule ^([^\.]+)$ $1.php [NC,L] | |
#No directory browsing | |
Options All -Indexes | |
#Ban IPs Example | |
<Limit GET POST> | |
order allow,deny | |
deny from 202.090.21.1 | |
deny from 204.090.21.2 | |
allow from all | |
</Limit> | |
#Protect htaccess | |
<Files ~ "^.*\.([Hh][Tt][Aa])"> | |
order allow,deny | |
deny from all | |
satisfy all | |
</Files> | |
#Disable TRACE Requests | |
RewriteEngine on | |
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) | |
RewriteRule .* - [F] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment