Created
May 28, 2015 15:49
-
-
Save alenabdula/681a7a2abf54ef973c84 to your computer and use it in GitHub Desktop.
Custom .htaccess file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ---------------------------------------------------------------------- | |
| # | Application Redirects | |
| # ---------------------------------------------------------------------- | |
| Redirect 301 /old http://www.example.com/new | |
| # ---------------------------------------------------------------------- | |
| # | Cross-origin images | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_setenvif.c> | |
| <IfModule mod_headers.c> | |
| <FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$"> | |
| SetEnvIf Origin ":" IS_CORS | |
| Header set Access-Control-Allow-Origin "*" env=IS_CORS | |
| </FilesMatch> | |
| </IfModule> | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Cross-origin web fonts | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_headers.c> | |
| <FilesMatch "\.(eot|otf|tt[cf]|woff2?)$"> | |
| Header set Access-Control-Allow-Origin "*" | |
| </FilesMatch> | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Error prevention | |
| # ---------------------------------------------------------------------- | |
| Options -MultiViews | |
| # ---------------------------------------------------------------------- | |
| # | Document Mode | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_headers.c> | |
| Header set X-UA-Compatible "IE=edge" | |
| <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$"> | |
| Header unset X-UA-Compatible | |
| </FilesMatch> | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Media types | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_mime.c> | |
| # Data interchange | |
| AddType application/atom+xml atom | |
| AddType application/json json map topojson | |
| AddType application/ld+json jsonld | |
| AddType application/rss+xml rss | |
| AddType application/vnd.geo+json geojson | |
| AddType application/xml rdf xml | |
| # JavaScript | |
| AddType application/javascript js | |
| # Manifest files | |
| AddType application/manifest+json webmanifest | |
| AddType application/x-web-app-manifest+json webapp | |
| AddType text/cache-manifest appcache | |
| # Media files | |
| AddType audio/mp4 f4a f4b m4a | |
| AddType audio/ogg oga ogg opus | |
| AddType image/bmp bmp | |
| AddType image/svg+xml svg svgz | |
| AddType image/webp webp | |
| AddType video/mp4 f4v f4p m4v mp4 | |
| AddType video/ogg ogv | |
| AddType video/webm webm | |
| AddType video/x-flv flv | |
| AddType image/x-icon cur ico | |
| # Web fonts | |
| AddType application/font-woff woff | |
| AddType application/font-woff2 woff2 | |
| AddType application/vnd.ms-fontobject eot | |
| AddType application/x-font-ttf ttc ttf | |
| AddType font/opentype otf | |
| # Other | |
| AddType application/octet-stream safariextz | |
| AddType application/x-bb-appworld bbaw | |
| AddType application/x-chrome-extension crx | |
| AddType application/x-opera-extension oex | |
| AddType application/x-xpinstall xpi | |
| AddType text/vcard vcard vcf | |
| AddType text/vnd.rim.location.xloc xloc | |
| AddType text/vtt vtt | |
| AddType text/x-component htc | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Character encodings | |
| # ---------------------------------------------------------------------- | |
| AddDefaultCharset utf-8 | |
| <IfModule mod_mime.c> | |
| AddCharset utf-8 .atom \ | |
| .bbaw \ | |
| .css \ | |
| .geojson \ | |
| .js \ | |
| .json \ | |
| .jsonld \ | |
| .manifest \ | |
| .rdf \ | |
| .rss \ | |
| .topojson \ | |
| .vtt \ | |
| .webapp \ | |
| .webmanifest \ | |
| .xloc \ | |
| .xml | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | File access | |
| # ---------------------------------------------------------------------- | |
| # Block access to directories without a default document. | |
| <IfModule mod_autoindex.c> | |
| Options -Indexes | |
| </IfModule> | |
| # Block access to all hidden files and directories with the exception of | |
| # the visible content from within the `/.well-known/` hidden directory. | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC] | |
| RewriteCond %{SCRIPT_FILENAME} -d [OR] | |
| RewriteCond %{SCRIPT_FILENAME} -f | |
| RewriteRule "(^|/)\." - [F] | |
| </IfModule> | |
| # Block access to files that can expose sensitive information. | |
| <FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$"> | |
| # Apache < 2.3 | |
| <IfModule !mod_authz_core.c> | |
| Order allow,deny | |
| Deny from all | |
| Satisfy All | |
| </IfModule> | |
| # Apache ≥ 2.3 | |
| <IfModule mod_authz_core.c> | |
| Require all denied | |
| </IfModule> | |
| </FilesMatch> | |
| # ---------------------------------------------------------------------- | |
| # | Reducing MIME type security risks | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_headers.c> | |
| Header set X-Content-Type-Options "nosniff" | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Hide server-side technology information | |
| # ---------------------------------------------------------------------- | |
| ServerSignature Off | |
| <IfModule mod_headers.c> | |
| Header unset X-Powered-By | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | Compression | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_deflate.c> | |
| <IfModule mod_setenvif.c> | |
| <IfModule mod_headers.c> | |
| SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding | |
| RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding | |
| </IfModule> | |
| </IfModule> | |
| <IfModule mod_filter.c> | |
| AddOutputFilterByType DEFLATE "application/atom+xml" \ | |
| "application/javascript" \ | |
| "application/json" \ | |
| "application/ld+json" \ | |
| "application/manifest+json" \ | |
| "application/rdf+xml" \ | |
| "application/rss+xml" \ | |
| "application/schema+json" \ | |
| "application/vnd.geo+json" \ | |
| "application/vnd.ms-fontobject" \ | |
| "application/x-font-ttf" \ | |
| "application/x-javascript" \ | |
| "application/x-web-app-manifest+json" \ | |
| "application/xhtml+xml" \ | |
| "application/xml" \ | |
| "font/eot" \ | |
| "font/opentype" \ | |
| "image/bmp" \ | |
| "image/svg+xml" \ | |
| "image/vnd.microsoft.icon" \ | |
| "image/x-icon" \ | |
| "text/cache-manifest" \ | |
| "text/css" \ | |
| "text/html" \ | |
| "text/javascript" \ | |
| "text/plain" \ | |
| "text/vcard" \ | |
| "text/vnd.rim.location.xloc" \ | |
| "text/vtt" \ | |
| "text/x-component" \ | |
| "text/x-cross-domain-policy" \ | |
| "text/xml" | |
| </IfModule> | |
| <IfModule mod_mime.c> | |
| AddEncoding gzip svgz | |
| </IfModule> | |
| </IfModule> | |
| # ---------------------------------------------------------------------- | |
| # | ETags | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_headers.c> | |
| Header unset ETag | |
| </IfModule> | |
| FileETag None | |
| # ---------------------------------------------------------------------- | |
| # | Expires headers | |
| # ---------------------------------------------------------------------- | |
| <IfModule mod_expires.c> | |
| ExpiresActive on | |
| ExpiresDefault "access plus 1 month" | |
| # CSS | |
| ExpiresByType text/css "access plus 1 year" | |
| # Data interchange | |
| ExpiresByType application/atom+xml "access plus 1 hour" | |
| ExpiresByType application/rdf+xml "access plus 1 hour" | |
| ExpiresByType application/rss+xml "access plus 1 hour" | |
| ExpiresByType application/json "access plus 0 seconds" | |
| ExpiresByType application/ld+json "access plus 0 seconds" | |
| ExpiresByType application/schema+json "access plus 0 seconds" | |
| ExpiresByType application/vnd.geo+json "access plus 0 seconds" | |
| ExpiresByType application/xml "access plus 0 seconds" | |
| ExpiresByType text/xml "access plus 0 seconds" | |
| # Favicon (cannot be renamed!) and cursor images | |
| ExpiresByType image/vnd.microsoft.icon "access plus 1 week" | |
| ExpiresByType image/x-icon "access plus 1 week" | |
| # HTML | |
| ExpiresByType text/html "access plus 0 seconds" | |
| # JavaScript | |
| ExpiresByType application/javascript "access plus 1 year" | |
| ExpiresByType application/x-javascript "access plus 1 year" | |
| ExpiresByType text/javascript "access plus 1 year" | |
| # Manifest files | |
| ExpiresByType application/manifest+json "access plus 1 week" | |
| ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" | |
| ExpiresByType text/cache-manifest "access plus 0 seconds" | |
| # Media files | |
| ExpiresByType audio/ogg "access plus 1 month" | |
| ExpiresByType image/bmp "access plus 1 month" | |
| ExpiresByType image/gif "access plus 1 month" | |
| ExpiresByType image/jpeg "access plus 1 month" | |
| ExpiresByType image/png "access plus 1 month" | |
| ExpiresByType image/svg+xml "access plus 1 month" | |
| ExpiresByType image/webp "access plus 1 month" | |
| ExpiresByType video/mp4 "access plus 1 month" | |
| ExpiresByType video/ogg "access plus 1 month" | |
| ExpiresByType video/webm "access plus 1 month" | |
| # Web fonts | |
| # Embedded OpenType (EOT) | |
| ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
| ExpiresByType font/eot "access plus 1 month" | |
| # OpenType | |
| ExpiresByType font/opentype "access plus 1 month" | |
| # TrueType | |
| ExpiresByType application/x-font-ttf "access plus 1 month" | |
| # Web Open Font Format (WOFF) 1.0 | |
| ExpiresByType application/font-woff "access plus 1 month" | |
| ExpiresByType application/x-font-woff "access plus 1 month" | |
| ExpiresByType font/woff "access plus 1 month" | |
| # Web Open Font Format (WOFF) 2.0 | |
| ExpiresByType application/font-woff2 "access plus 1 month" | |
| # Other | |
| ExpiresByType text/x-cross-domain-policy "access plus 1 week" | |
| </IfModule> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment