Created
August 5, 2019 20:19
-
-
Save eksiscloud/c5b3b56430eb1e570274542dc7f19805 to your computer and use it in GitHub Desktop.
Very general example.com.conf @ Hitch/Varnish (Apache2, Wordpress, WP Rocket, EWWW, NinjaFirewall)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <VirtualHost 127.0.0.1:8080> | |
| ServerAdmin [email protected] | |
| ServerName example.com | |
| ServerAlias www.example.com | |
| DocumentRoot /var/www/html | |
| ErrorLog ${APACHE_LOG_DIR}/error.log | |
| CustomLog ${APACHE_LOG_DIR}/access.log combined | |
| <Directory /var/www/html/> | |
| Options -Indexes +FollowSymLinks +MultiViews | |
| AllowOverride none | |
| Require all granted | |
| Allow from all | |
| <IfModule mod_deflate.c> | |
| SetOutputFilter DEFLATE | |
| <IfModule mod_setenvif.c> | |
| <IfModule mod_headers.c> | |
| SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding | |
| RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding | |
| # Don’t compress images and other uncompressible content | |
| SetEnvIfNoCase Request_URI \ | |
| \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary | |
| </IfModule> | |
| </IfModule> | |
| <IfModule mod_filter.c> | |
| AddOutputFilterByType DEFLATE application/atom+xml \ | |
| application/javascript \ | |
| application/json \ | |
| application/rss+xml \ | |
| application/vnd.ms-fontobject \ | |
| application/x-font-ttf \ | |
| application/xhtml+xml \ | |
| application/xml \ | |
| font/opentype \ | |
| image/svg+xml \ | |
| image/x-icon \ | |
| text/css \ | |
| text/html \ | |
| text/plain \ | |
| text/x-component \ | |
| text/xml | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| Header append Vary: Accept-Encoding | |
| </IfModule> | |
| </IfModule> | |
| # /WP ROCKET | |
| # WP NINJA FIREWALL | |
| <IfModule mod_php7.c> | |
| php_value auto_prepend_file /var/www/html/wp-content/nfwlog/ninjafirewall.php | |
| </IfModule> | |
| # /NINJA FIREWALL | |
| <IfModule mod_headers.c> | |
| Header always set Access-Control-Allow-Origin "*" | |
| </IfModule> | |
| <Files xmlrpc.php> | |
| order deny,allow | |
| deny from all | |
| </Files> | |
| # BEGIN WordPress | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteRule ^index\.php$ - [L] | |
| # add a trailing slash to /wp-admin | |
| RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L] | |
| RewriteCond %{REQUEST_FILENAME} -f [OR] | |
| RewriteCond %{REQUEST_FILENAME} -d | |
| RewriteRule ^ - [L] | |
| RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L] | |
| RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L] | |
| RewriteRule . index.php [L] | |
| </IfModule> | |
| # END WordPress | |
| # BEGIN EWWWIO | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteCond %{HTTP_ACCEPT} image/webp | |
| RewriteCond %{REQUEST_FILENAME} (.*)\.(jpe?g|png)$ | |
| RewriteCond %{REQUEST_FILENAME}.webp -f | |
| RewriteCond %{QUERY_STRING} !type=original | |
| RewriteRule (.+)\.(jpe?g|png)$ %{REQUEST_URI}.webp [T=image/webp,E=accept:1,L] | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| Header append Vary Accept env=REDIRECT_accept | |
| </IfModule> | |
| AddType image/webp .webp | |
| # END EWWWIO | |
| # WP ROCKET | |
| AddDefaultCharset UTF-8 | |
| FileETag None | |
| <IfModule mod_mime.c> | |
| AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| Header unset ETag | |
| </IfModule> | |
| <IfModule mod_expires.c> | |
| ExpiresActive on | |
| # Perhaps better to whitelist expires rules? Perhaps. | |
| ExpiresDefault "access plus 1 month" | |
| # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5) | |
| ExpiresByType text/cache-manifest "access plus 0 seconds" | |
| # Your document html | |
| ExpiresByType text/html "access plus 1 week" | |
| # Data | |
| ExpiresByType text/xml "access plus 1 week" | |
| ExpiresByType application/xml "access plus 1 week" | |
| ExpiresByType application/json "access plus 1 week" | |
| # Feed | |
| ExpiresByType application/rss+xml "access plus 1 hour" | |
| ExpiresByType application/atom+xml "access plus 1 hour" | |
| # Favicon (cannot be renamed) | |
| ExpiresByType image/x-icon "access plus 1 month" | |
| # Media: images, video, audio | |
| ExpiresByType image/gif "access plus 1 year" | |
| ExpiresByType image/png "access plus 1 year" | |
| ExpiresByType image/jpeg "access plus 1 year" | |
| ExpiresByType image/webp "access plus 1 year" | |
| ExpiresByType video/ogg "access plus 1 year" | |
| ExpiresByType audio/ogg "access plus 1 year" | |
| ExpiresByType video/mp4 "access plus 1 year" | |
| ExpiresByType video/webm "access plus 1 year" | |
| # HTC files (css3pie) | |
| ExpiresByType text/x-component "access plus 1 month" | |
| # Webfonts | |
| ExpiresByType font/ttf "access plus 4 months" | |
| ExpiresByType font/otf "access plus 4 months" | |
| ExpiresByType font/woff "access plus 4 months" | |
| ExpiresByType font/woff2 "access plus 4 months" | |
| ExpiresByType image/svg+xml "access plus 1 month" | |
| ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
| # CSS and JavaScript | |
| ExpiresByType text/css "access plus 1 year" | |
| ExpiresByType application/javascript "access plus 1 year" | |
| </IfModule> | |
| </Directory> | |
| </VirtualHost> |
Author
eksiscloud
commented
Aug 5, 2019
- AllowOverride none = .htaccess disabled
- AllowOverride All = .htaccess enabled
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment