Last active
December 25, 2023 02:59
-
-
Save bhubbard/6082577 to your computer and use it in GitHub Desktop.
This is my template .htaccess file for WordPress on Cloud Sites.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Apache Server Config | MIT License | |
| # https://gist.github.com/bhubbard/6082577 | |
| # Modified from https://github.com/h5bp/server-configs-apaches | |
| # ############################################################################## | |
| # # Default WordPress # | |
| # ############################################################################## | |
| # http://randomtype.ca/blog/the-wordpress-htaccess-file-explained/ | |
| # BEGIN WordPress | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteRule ^index\.php$ - [L] | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteRule . /index.php [L] | |
| </IfModule> | |
| # END WordPress | |
| # ############################################################################## | |
| # # WP SuperCache # | |
| # ############################################################################## | |
| # ############################################################################## | |
| # # 301 Redirects # | |
| # ############################################################################## | |
| # Redirect 301 /example-old-link http://www.domain.com/example-new-link | |
| # ############################################################################## | |
| # # RackSpace Cloud Sites # | |
| # ############################################################################## | |
| # ------------------------------------------------------------------------------ | |
| # | PHP MAX Site Settings | | |
| # ------------------------------------------------------------------------------ | |
| php_value max_execution_time 3600 | |
| php_value upload_max_filesize 20M | |
| php_value post_max_size 220M | |
| php_value memory_limit 1024M | |
| # ------------------------------------------------------------------------------ | |
| # | Enable xCache | | |
| # ------------------------------------------------------------------------------ | |
| # http://www.rackspace.com/knowledge_center/article/cloud-sites-php-op-code-cache | |
| # php_flag xcache.size 0 | |
| php_flag xcache.cacher on | |
| php_flag xcache.stat on | |
| # Wait for v2.0 | |
| # php_flag xcache.optimizer on | |
| # ------------------------------------------------------------------------------ | |
| # | Enable Mod Deflate | | |
| # ------------------------------------------------------------------------------ | |
| # http://www.sysadminworld.com/2012/enable-gzip-compression-for-rackspace-cloud-sites/ | |
| <IfModule mod_deflate.c> | |
| # Insert filter | |
| SetOutputFilter DEFLATE | |
| # Don't compress images | |
| SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary | |
| # Make sure proxies don't deliver the wrong content | |
| Header append Vary User-Agent env=!dont-vary | |
| </IfModule> | |
| # ############################################################################## | |
| # # CROSS-ORIGIN RESOURCE SHARING (CORS) # | |
| # ############################################################################## | |
| # ------------------------------------------------------------------------------ | |
| # | Cross-domain AJAX requests | | |
| # ------------------------------------------------------------------------------ | |
| # Enable cross-origin AJAX requests. | |
| # http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity | |
| # http://enable-cors.org/ | |
| # <IfModule mod_headers.c> | |
| # Header set Access-Control-Allow-Origin "*" | |
| # </IfModule> | |
| # ------------------------------------------------------------------------------ | |
| # | CORS-enabled images | | |
| # ------------------------------------------------------------------------------ | |
| # Send the CORS header for images when browsers request it. | |
| # https://developer.mozilla.org/en/CORS_Enabled_Image | |
| # http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html | |
| # http://hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ | |
| <IfModule mod_setenvif.c> | |
| <IfModule mod_headers.c> | |
| <FilesMatch "\.(gif|ico|jpe?g|png|svgz?|webp)$"> | |
| SetEnvIf Origin ":" IS_CORS | |
| Header set Access-Control-Allow-Origin "*" env=IS_CORS | |
| </FilesMatch> | |
| </IfModule> | |
| </IfModule> | |
| # ------------------------------------------------------------------------------ | |
| # | Web fonts access | | |
| # ------------------------------------------------------------------------------ | |
| # Allow access from all domains for web fonts | |
| <IfModule mod_headers.c> | |
| <FilesMatch ".(eot|ttf|otf|woff|ttc)"> | |
| Header set Access-Control-Allow-Origin "*" | |
| </FilesMatch> | |
| </IfModule> | |
| # ############################################################################## | |
| # # INTERNET EXPLORER # | |
| # ############################################################################## | |
| # ------------------------------------------------------------------------------ | |
| # | Better website experience | | |
| # ------------------------------------------------------------------------------ | |
| # Force IE to render pages in the highest available mode in the various | |
| # cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf. | |
| <IfModule mod_headers.c> | |
| Header set X-UA-Compatible "IE=edge" | |
| # `mod_headers` can't match based on the content-type, however, we only | |
| # want to send this header for HTML pages and not for the other resources | |
| <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$"> | |
| Header unset X-UA-Compatible | |
| </FilesMatch> | |
| </IfModule> | |
| # ############################################################################## | |
| # # MIME TYPES AND ENCODING # | |
| # ############################################################################## | |
| # ------------------------------------------------------------------------------ | |
| # | Proper MIME types for all files | | |
| # ------------------------------------------------------------------------------ | |
| <IfModule mod_mime.c> | |
| # Audio | |
| AddType audio/mp4 m4a f4a f4b | |
| AddType audio/ogg oga ogg | |
| # JavaScript | |
| # Normalize to standard type (it's sniffed in IE anyways): | |
| # http://tools.ietf.org/html/rfc4329#section-7.2 | |
| AddType application/javascript js | |
| AddType application/json json | |
| # Video | |
| AddType video/mp4 mp4 m4v f4v f4p | |
| AddType video/ogg ogv | |
| AddType video/webm webm | |
| AddType video/x-flv flv | |
| # Web fonts | |
| AddType application/font-woff woff | |
| AddType application/vnd.ms-fontobject eot | |
| # Browsers usually ignore the font MIME types and sniff the content, | |
| # however, Chrome shows a warning if other MIME types are used for the | |
| # following fonts. | |
| AddType application/x-font-ttf ttc ttf | |
| AddType font/opentype otf | |
| # Make SVGZ fonts work on iPad: | |
| # https://twitter.com/FontSquirrel/status/14855840545 | |
| AddType image/svg+xml svg svgz | |
| AddEncoding gzip svgz | |
| # Other | |
| AddType application/octet-stream safariextz | |
| AddType application/x-chrome-extension crx | |
| AddType application/x-opera-extension oex | |
| AddType application/x-shockwave-flash swf | |
| AddType application/x-web-app-manifest+json webapp | |
| AddType application/x-xpinstall xpi | |
| AddType application/xml atom rdf rss xml | |
| AddType image/webp webp | |
| AddType image/x-icon ico | |
| AddType text/cache-manifest appcache manifest | |
| AddType text/vtt vtt | |
| AddType text/x-component htc | |
| AddType text/x-vcard vcf | |
| </IfModule> | |
| # ------------------------------------------------------------------------------ | |
| # | Cache Control Public Headers | | |
| # ------------------------------------------------------------------------------ | |
| # 480 weeks | |
| <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$"> | |
| Header set Cache-Control "max-age=290304000, public" | |
| </FilesMatch> | |
| # 2 DAYS | |
| <FilesMatch "\.(xml|txt)$"> | |
| Header set Cache-Control "max-age=172800, public, must-revalidate" | |
| </FilesMatch> | |
| # 2 HOURS | |
| <FilesMatch "\.(html|htm)$"> | |
| Header set Cache-Control "max-age=7200, must-revalidate" | |
| </FilesMatch> | |
| # ------------------------------------------------------------------------------ | |
| # | UTF-8 encoding | | |
| # ------------------------------------------------------------------------------ | |
| # Use UTF-8 encoding for anything served as `text/html` or `text/plain`. | |
| AddDefaultCharset utf-8 | |
| # Force UTF-8 for certain file formats. | |
| <IfModule mod_mime.c> | |
| AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml | |
| </IfModule> | |
| # ------------------------------------------------------------------------------ | |
| # | ETag removal | | |
| # ------------------------------------------------------------------------------ | |
| # Since we're sending far-future expires headers (see below), ETags can | |
| # be removed: http://developer.yahoo.com/performance/rules.html#etags. | |
| # `FileETag None` is not enough for every server. | |
| <IfModule mod_headers.c> | |
| Header unset ETag | |
| </IfModule> | |
| FileETag None | |
| # ------------------------------------------------------------------------------ | |
| # | Expires headers (for better cache control) | | |
| # ------------------------------------------------------------------------------ | |
| # The following expires headers are set pretty far in the future. If you don't | |
| # control versioning with filename-based cache busting, consider lowering the | |
| # cache time for resources like CSS and JS to something like 1 week. | |
| <IfModule mod_expires.c> | |
| ExpiresActive on | |
| ExpiresDefault "access plus 1 month" | |
| # CSS | |
| ExpiresByType text/css "access plus 1 week" | |
| # Data interchange | |
| ExpiresByType application/json "access plus 0 seconds" | |
| ExpiresByType application/xml "access plus 0 seconds" | |
| ExpiresByType text/xml "access plus 0 seconds" | |
| # Favicon (cannot be renamed!) and cursor images | |
| ExpiresByType image/x-icon "access plus 1 week" | |
| # HTML components (HTCs) | |
| ExpiresByType text/x-component "access plus 1 month" | |
| # HTML | |
| ExpiresByType text/html "access plus 0 seconds" | |
| # JavaScript | |
| ExpiresByType application/javascript "access plus 1 week" | |
| # Manifest files | |
| ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" | |
| ExpiresByType text/cache-manifest "access plus 0 seconds" | |
| # Media | |
| ExpiresByType audio/ogg "access plus 1 month" | |
| ExpiresByType image/gif "access plus 1 month" | |
| ExpiresByType image/jpg "access plus 1 month" | |
| ExpiresByType image/jpeg "access plus 1 month" | |
| ExpiresByType image/png "access plus 1 month" | |
| ExpiresByType video/mp4 "access plus 1 month" | |
| ExpiresByType video/ogg "access plus 1 month" | |
| ExpiresByType video/webm "access plus 1 month" | |
| # Web feeds | |
| ExpiresByType application/atom+xml "access plus 1 hour" | |
| ExpiresByType application/rss+xml "access plus 1 hour" | |
| # Web fonts | |
| ExpiresByType application/font-woff "access plus 1 month" | |
| ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
| ExpiresByType application/x-font-ttf "access plus 1 month" | |
| ExpiresByType font/opentype "access plus 1 month" | |
| ExpiresByType image/svg+xml "access plus 1 month" | |
| </IfModule> | |
| # ############################################################################## | |
| # # SECURITY # | |
| # ############################################################################## | |
| # Disable allow_url_fopen for security reasons | |
| # php_flag allow_url_fopen off | |
| # ------------------------------------------------------------------------------ | |
| # | File access | | |
| # ------------------------------------------------------------------------------ | |
| # Block access to directories without a default document. | |
| # Usually you should leave this uncommented because you shouldn't allow anyone | |
| # to surf through every directory on your server (which may includes rather | |
| # private places like the CMS's directories). | |
| <IfModule mod_autoindex.c> | |
| Options -Indexes | |
| </IfModule> | |
| # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
| # Block access to hidden files and directories. | |
| # This includes directories used by version control systems such as Git and SVN. | |
| <IfModule mod_rewrite.c> | |
| RewriteCond %{SCRIPT_FILENAME} -d [OR] | |
| RewriteCond %{SCRIPT_FILENAME} -f | |
| RewriteRule "(^|/)\." - [F] | |
| </IfModule> | |
| # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
| # Block access to backup and source files. | |
| # These files may be left by some text editors and can pose a great security | |
| # danger when anyone has access to them. | |
| <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$"> | |
| # Apache < 2.3 | |
| <IfModule !mod_authz_core.c> | |
| Order allow,deny | |
| Deny from all | |
| Satisfy All | |
| </IfModule> | |
| # Apache ≥ 2.3 | |
| <IfModule mod_authz_core.c> | |
| Require all denied | |
| </IfModule> | |
| </FilesMatch> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment