Last active
August 28, 2016 14:57
-
-
Save henrytran9x/8657664fb48868dcb30b8c73ed9f7ee5 to your computer and use it in GitHub Desktop.
This config default Drupal .htaccess
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Apache/PHP/Drupal settings: | |
| # | |
| # Protect files and directories from prying eyes. | |
| <FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$"> | |
| Order allow,deny | |
| </FilesMatch> | |
| # Don't show directory listings for URLs which map to a directory. | |
| Options -Indexes | |
| # Follow symbolic links in this directory. | |
| Options +FollowSymLinks | |
| # Make Drupal handle any 404 errors. | |
| ErrorDocument 404 /index.php | |
| # Set the default handler. | |
| DirectoryIndex index.php index.html index.htm | |
| # Override PHP settings that cannot be changed at runtime. See | |
| # sites/default/default.settings.php and drupal_environment_initialize() in | |
| # includes/bootstrap.inc for settings that can be changed at runtime. | |
| # PHP 5, Apache 1 and 2. | |
| <IfModule mod_php5.c> | |
| php_flag magic_quotes_gpc off | |
| php_flag magic_quotes_sybase off | |
| php_flag register_globals off | |
| php_flag session.auto_start off | |
| php_value mbstring.http_input pass | |
| php_value mbstring.http_output pass | |
| php_flag mbstring.encoding_translation off | |
| </IfModule> | |
| # Requires mod_expires to be enabled. | |
| <IfModule mod_expires.c> | |
| # Enable expirations. | |
| ExpiresActive On | |
| # Cache all files for 2 weeks after access (A). | |
| ExpiresDefault A1209600 | |
| <FilesMatch \.php$> | |
| # Do not allow PHP scripts to be cached unless they explicitly send cache | |
| # headers themselves. Otherwise all scripts would have to overwrite the | |
| # headers set by mod_expires if they want another caching behavior. This may | |
| # fail if an error occurs early in the bootstrap process, and it may cause | |
| # problems if a non-Drupal PHP file is installed in a subdirectory. | |
| ExpiresActive Off | |
| </FilesMatch> | |
| </IfModule> | |
| # Various rewrite rules. | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine on | |
| # Set "protossl" to "s" if we were accessed via https://. This is used later | |
| # if you enable "www." stripping or enforcement, in order to ensure that | |
| # you don't bounce between http and https. | |
| RewriteRule ^ - [E=protossl] | |
| RewriteCond %{HTTPS} on | |
| RewriteRule ^ - [E=protossl:s] | |
| # Make sure Authorization HTTP header is available to PHP | |
| # even when running as CGI or FastCGI. | |
| RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |
| # Block access to "hidden" directories whose names begin with a period. This | |
| # includes directories used by version control systems such as Subversion or | |
| # Git to store control files. Files whose names begin with a period, as well | |
| # as the control files used by CVS, are protected by the FilesMatch directive | |
| # above. | |
| # | |
| # NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is | |
| # not possible to block access to entire directories from .htaccess, because | |
| # <DirectoryMatch> is not allowed here. | |
| # | |
| # If you do not have mod_rewrite installed, you should remove these | |
| # directories from your webroot or otherwise protect them from being | |
| # downloaded. | |
| RewriteRule "(^|/)\." - [F] | |
| # If your site can be accessed both with and without the 'www.' prefix, you | |
| # can use one of the following settings to redirect users to your preferred | |
| # URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option: | |
| # | |
| # To redirect all users to access the site WITH the 'www.' prefix, | |
| # (http://example.com/... will be redirected to http://www.example.com/...) | |
| # uncomment the following: | |
| # RewriteCond %{HTTP_HOST} . | |
| # RewriteCond %{HTTP_HOST} !^www\. [NC] | |
| # RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] | |
| # | |
| # To redirect all users to access the site WITHOUT the 'www.' prefix, | |
| # (http://www.example.com/... will be redirected to http://example.com/...) | |
| # uncomment the following: | |
| # RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] | |
| # RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301] | |
| # Modify the RewriteBase if you are using Drupal in a subdirectory or in a | |
| # VirtualDocumentRoot and the rewrite rules are not working properly. | |
| # For example if your site is at http://example.com/drupal uncomment and | |
| # modify the following line: | |
| # RewriteBase /drupal | |
| # | |
| # If your site is running in a VirtualDocumentRoot at http://example.com/, | |
| # uncomment the following line: | |
| # RewriteBase / | |
| # Pass all requests not referring directly to files in the filesystem to | |
| # index.php. Clean URLs are handled in drupal_environment_initialize(). | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteCond %{REQUEST_URI} !=/favicon.ico | |
| RewriteRule ^ index.php [L] | |
| # Rules to correctly serve gzip compressed CSS and JS files. | |
| # Requires both mod_rewrite and mod_headers to be enabled. | |
| <IfModule mod_headers.c> | |
| # Serve gzip compressed CSS files if they exist and the client accepts gzip. | |
| RewriteCond %{HTTP:Accept-encoding} gzip | |
| RewriteCond %{REQUEST_FILENAME}\.gz -s | |
| RewriteRule ^(.*)\.css $1\.css\.gz [QSA] | |
| # Serve gzip compressed JS files if they exist and the client accepts gzip. | |
| RewriteCond %{HTTP:Accept-encoding} gzip | |
| RewriteCond %{REQUEST_FILENAME}\.gz -s | |
| RewriteRule ^(.*)\.js $1\.js\.gz [QSA] | |
| # Serve correct content types, and prevent mod_deflate double gzip. | |
| RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1] | |
| RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1] | |
| <FilesMatch "(\.js\.gz|\.css\.gz)$"> | |
| # Serve correct encoding type. | |
| Header set Content-Encoding gzip | |
| # Force proxies to cache gzipped & non-gzipped css/js files separately. | |
| Header append Vary Accept-Encoding | |
| </FilesMatch> | |
| </IfModule> | |
| </IfModule> | |
| # Add headers to all responses. | |
| <IfModule mod_headers.c> | |
| # Disable content sniffing, since it's an attack vector. | |
| Header always set X-Content-Type-Options nosniff | |
| </IfModule> | |
| AddDefaultCharset utf-8 | |
| AddCharset utf-8 .htm .html .css .js .woff .woff2 | |
| <IfModule mod_deflate.c> | |
| SetOutputFilter DEFLATE | |
| <IfModule mod_setenvif.c> | |
| BrowserMatch ^Mozilla/4 gzip-only-text/html | |
| BrowserMatch ^Mozilla/4\.0[678] no-gzip | |
| BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html | |
| SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png)$ no-gzip dont-vary | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| Header append Vary User-Agent env=!dont-vary | |
| </IfModule> | |
| <IfModule mod_filter.c> | |
| AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml application/javascript text/css application/x-javascript text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon | |
| </IfModule> | |
| <files *.html> | |
| SetOutputFilter DEFLATE | |
| </files> | |
| </IfModule> | |
| <IfModule mod_expires.c> | |
| ExpiresActive on | |
| ExpiresDefault "access plus 1 month" | |
| ExpiresByType text/cache-manifest "access plus 1 month" | |
| ExpiresByType text/html "access plus 1 month" | |
| ExpiresByType text/xml "access plus 1 month" | |
| ExpiresByType application/xml "access plus 1 month" | |
| ExpiresByType application/json "access plus 1 month" | |
| ExpiresByType application/rss+xml "access plus 1 month" | |
| ExpiresByType image/x-icon "access plus 1 month" | |
| ExpiresByType image/gif "access plus 1 month" | |
| ExpiresByType image/png "access plus 1 month" | |
| ExpiresByType image/jpg "access plus 1 month" | |
| ExpiresByType image/jpeg "access plus 1 month" | |
| ExpiresByType video/ogg "access plus 1 month" | |
| ExpiresByType audio/ogg "access plus 1 month" | |
| ExpiresByType video/mp4 "access plus 1 month" | |
| ExpiresByType video/webm "access plus 1 month" | |
| ExpiresByType text/x-component "access plus 1 month" | |
| ExpiresByType font/truetype "access plus 1 month" | |
| ExpiresByType font/opentype "access plus 1 month" | |
| ExpiresByType application/x-font-ttf "access plus 1 month" | |
| ExpiresByType application/x-font-woff "access plus 1 month" | |
| ExpiresByType application/x-font-woff2 "access plus 1 month" | |
| ExpiresByType image/svg+xml "access plus 1 month" | |
| ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
| ExpiresByType text/css "access plus 1 month" | |
| ExpiresByType application/javascript "access plus 1 month" | |
| ExpiresByType text/javascript "access plus 1 month" | |
| <IfModule mod_headers.c> | |
| Header append Cache-Control "public" | |
| </IfModule> | |
| </IfModule> | |
| # BEGIN Browser Caching/Headers | |
| <IfModule mod_mime.c> | |
| AddType font/ttf .ttf | |
| AddType font/eot .eot | |
| AddType font/otf .otf | |
| AddType font/woff .woff | |
| AddType application/x-font-woff2 .woff2 | |
| AddType application/x-font-woff .woff | |
| AddType application/x-font-ttf .ttf | |
| AddType text/css .css | |
| AddType application/x-javascript .js | |
| AddType text/richtext .rtf .rtx | |
| AddType image/svg+xml .svg .svgz | |
| AddType text/plain .txt | |
| AddType text/xsd .xsd | |
| AddType text/xsl .xsl | |
| AddType video/asf .asf .asx .wax .wmv .wmx | |
| AddType video/avi .avi | |
| AddType image/bmp .bmp | |
| AddType application/java .class | |
| AddType video/divx .divx | |
| AddType application/msword .doc .docx | |
| AddType application/x-msdownload .exe | |
| AddType image/gif .gif | |
| AddType application/x-gzip .gz .gzip | |
| AddType image/x-icon .ico | |
| AddType image/jpeg .jpg .jpeg .jpe | |
| AddType application/vnd.ms-access .mdb | |
| AddType audio/midi .mid .midi | |
| AddType video/quicktime .mov .qt | |
| AddType audio/mpeg .mp3 .m4a | |
| AddType video/mp4 .mp4 .m4v | |
| AddType video/mpeg .mpeg .mpg .mpe | |
| AddType application/vnd.ms-project .mpp | |
| AddType application/vnd.oasis.opendocument.database .odb | |
| AddType application/vnd.oasis.opendocument.chart .odc | |
| AddType application/vnd.oasis.opendocument.formula .odf | |
| AddType application/vnd.oasis.opendocument.graphics .odg | |
| AddType application/vnd.oasis.opendocument.presentation .odp | |
| AddType application/vnd.oasis.opendocument.spreadsheet .ods | |
| AddType application/vnd.oasis.opendocument.text .odt | |
| AddType audio/ogg .ogg | |
| AddType application/pdf .pdf | |
| AddType image/png .png | |
| AddType application/vnd.ms-powerpoint .pot .pps .ppt .pptx | |
| AddType audio/x-realaudio .ra .ram | |
| AddType application/x-shockwave-flash .swf | |
| AddType application/x-tar .tar | |
| AddType image/tiff .tif .tiff | |
| AddType audio/wav .wav | |
| AddType audio/wma .wma | |
| AddType application/vnd.ms-write .wri | |
| AddType application/vnd.ms-excel .xla .xls .xlsx .xlt .xlw | |
| AddType application/zip .zip | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| <FilesMatch "\.(js|css|xml|gz)$"> | |
| Header append Vary: Accept-Encoding | |
| </FilesMatch> | |
| </IfModule> | |
| <FilesMatch "\.(css|js|CSS|JS)$"> | |
| <IfModule mod_headers.c> | |
| Header set Pragma "public" | |
| Header append Cache-Control "public, must-revalidate, proxy-revalidate" | |
| </IfModule> | |
| </FilesMatch> | |
| <FilesMatch "\.(rtf|rtx|svg|svgz|txt|xsd|xsl|RTF|RTX|SVG|SVGZ|TXT|XSD|XSL|)$"> | |
| <IfModule mod_headers.c> | |
| Header set Pragma "public" | |
| Header append Cache-Control "public, must-revalidate, proxy-revalidate" | |
| </IfModule> | |
| </FilesMatch> | |
| <FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|swf|tar|tif|tiff|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SWF|TAR|TIF|TIFF|WAV|WMA|WRI|XLA|XLS|XLSX|XLT|XLW|ZIP)$"> | |
| <IfModule mod_headers.c> | |
| Header set Pragma "public" | |
| Header append Cache-Control "public, must-revalidate, proxy-revalidate" | |
| </IfModule> | |
| </FilesMatch> | |
| <ifModule mod_headers.c> | |
| <filesMatch ".(ico|jpe?g|png|gif|swf)$"> | |
| Header set Cache-Control "max-age=2592000, public" | |
| </filesMatch> | |
| <filesMatch ".(css)$"> | |
| Header set Cache-Control "max-age=604800, public" | |
| </filesMatch> | |
| <filesMatch ".(js)$"> | |
| Header set Cache-Control "max-age=216000, private" | |
| </filesMatch> | |
| <filesMatch ".(x?html?|php)$"> | |
| Header set Cache-Control "max-age=600, private, must-revalidate" | |
| </filesMatch> | |
| </ifModule> | |
| Header unset ETag | |
| <FilesMatch "\.(gif|jpg|jpeg|png|swf|css|js|html?|xml|txt|ico)$"> | |
| Header set Expires "Wed, 15 Apr 2025 20:00:00 GMT" | |
| Header set Cache-Control "public" | |
| FileETag none | |
| </FilesMatch> | |
| Header unset Last-Modified | |
| <IfModule mod_headers.c> | |
| Header append Vary Accept-Encoding | |
| </IfModule> | |
| <IfModule mod_headers.c> | |
| <FilesMatch "\.(bmp|css|flv|gif|ico|jpg|jpeg|js|pdf|png|svg|swf|tif|tiff|woff|woff2|ttf)$"> | |
| Header set Last-Modified "Mon, 5 Sep 2016 00:00:00 GMT" | |
| </FilesMatch> | |
| </IfModule> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment