-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.htaccess
More file actions
99 lines (86 loc) · 3.98 KB
/
.htaccess
File metadata and controls
99 lines (86 loc) · 3.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Options not set in httpd.conf
# ------------------------------------------------
Options +FollowSymlinks -Indexes
# Compress the compressables
# ------------------------------------------------
<IfModule mod_deflate.c>
# Force compression for mangled headers.
# https://developer.yahoo.com/blogs/ydn/pushing-beyond-gzipping-25601.html
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
# Compress all output labeled with one of the following MIME-types
# (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
# and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines
# as `AddOutputFilterByType` is still in the core directives).
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/x-web-app-manifest+json \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>
# Restrict certain files
# ------------------------------------------------
<FilesMatch "README\.md|composer\.json|composer\.lock|package\.json|^config/*|\.gitignore|gulpfile\.js|build\.sh|phpunit\.xml">
Require all denied
</FilesMatch>
# Rewriting magic.
# ------------------------------------------------
RewriteEngine on
# Force HTTPS
# ------------------------------------------------
#RewriteCond %{HTTPS} !on
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Note: It’s also recommended to enable HTTP Strict Transport Security (HSTS)
# on your HTTPS website to help prevent man-in-the-middle attacks.
# See https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
#<IfModule mod_headers.c>
# Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
#</IfModule>
# Force www
# ------------------------------------------------
#RewriteCond %{HTTP_HOST} !^$
#RewriteCond %{HTTP_HOST} !^www\. [NC]
#RewriteCond %{HTTPS}s ^on(s)|
#RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force NON-www
# ------------------------------------------------
#RewriteCond %{HTTP_HOST} ^www\.
#RewriteCond %{HTTPS}s ^on(s)|off
#RewriteCond http%1://%{HTTP_HOST} ^(https?://)(www\.)?(.+)$
#RewriteRule ^ %1%3%{REQUEST_URI} [R=301,L]
# Enforce a no-trailing-slash policy
# ------------------------------------------------
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [R=301,L]
# Enforce a trailing-slash policy
# ------------------------------------------------
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteRule ^(.*[^/])$ /$1/ [R=301,L]
# Block useragent libwww-perl to discourage simpler vulnerability scans
# ------------------------------------------------
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* – [F,L]
# Nails Front Controller
# Unless requesting a valid file send to index.php
# ------------------------------------------------
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]