This repository has been archived by the owner on Jan 24, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
.htaccess
321 lines (294 loc) · 12.7 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
#cross-browser compatibility
<IfModule headers_module>
Header set X-UA-Compatible "IE=Edge,chrome=1"
Header set X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
<FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|woff2|ico|webp|appcache|manifest|htc|crx|xpi|safariextz|vcf)$" >
Header unset X-UA-Compatible
Header unset X-Frame-Options
Header unset X-XSS-Protection
</FilesMatch>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
#Content-Security-Policy protection
#Header set Content-Security-Policy "script-src 'self' *.example.com example.com; object-src 'self' *.example.com example.com"
#<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
# Header unset Content-Security-Policy
#</FilesMatch>
</IfModule>
#mime types
AddType application/javascript js
AddType audio/ogg oga ogg
AddType audio/mp4 m4a
AddType video/ogg ogv
AddType video/mp4 mp4 m4v
AddType video/webm webm
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff
AddType application/x-font-woff2 woff2
AddType image/x-icon ico
AddType image/webp webp
AddType text/cache-manifest appcache manifest
AddType text/x-component htc
AddType application/x-chrome-extension crx
AddType application/x-xpinstall xpi
AddType application/octet-stream safariextz
AddType text/x-vcard vcf
AddType text/html jml
AddType text/html xjml
<FilesMatch "\.jml$">
ForceType text/html
</FilesMatch>
<FilesMatch "\.xjml$">
ForceType text/html
</FilesMatch>
<FilesMatch "\.js$">
ForceType application/javascript
</FilesMatch>
#SSI (enable Server-Side-Include)
<IfModule include_module>
SSILastModified on
<FilesMatch "(?<!\.min)\.js$">
AddHandler server-parsed js
Options +Includes
<IfModule filter_module>
AddOutputFilterByType INCLUDES application/javascript application/json
</IfModule>
SetOutputFilter INCLUDES
<IfModule headers_module>
Header merge Cache-Control max-age=604800
</IfModule>
</FilesMatch>
</IfModule>
#Compress on the fly
<IfModule deflate_module>
<IfModule setenvif_module>
<IfModule headers_module>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
<IfModule version_module>
<IfVersion < 2.4.4>
<IfModule filter_module>
FilterDeclare COMPRESS
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/x-component
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/javascript
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/json
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xhtml+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/rss+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/atom+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/vnd.ms-fontobject
FilterProvider COMPRESS DEFLATE resp=Content-Type $image/svg+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/x-font-ttf
FilterProvider COMPRESS DEFLATE resp=Content-Type $font/opentype
FilterChain COMPRESS
#FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no
FilterProtocol COMPRESS DEFLATE byteranges=no
</IfModule>
</IfVersion>
<IfVersion >= 2.4.4>
<IfModule filter_module>
FilterDeclare COMPRESS
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/html'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/css'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/plain'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/x-component'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/javascript'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/json'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/xhtml+xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/rss+xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/atom+xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/vnd.ms-fontobject'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'image/svg+xml'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'image/x-icon'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/x-font-ttf'"
FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'font/opentype'"
FilterChain COMPRESS
#FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no
FilterProtocol COMPRESS DEFLATE byteranges=no
</IfModule>
</IfVersion>
</IfModule>
<IfModule filter_module>
AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
AddOutputFilterByType DEFLATE image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
</IfModule>
</IfModule>
#Add expire headers
<IfModule expires_module>
ExpiresActive on
ExpiresDefault "access plus 1 month"
ExpiresByType text/cache-manifest "access plus 0 seconds"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
ExpiresByType text/x-component "access plus 1 month"
ExpiresByType font/truetype "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType application/x-font-woff2 "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
<IfModule headers_module>
Header append Cache-Control "public"
</IfModule>
</IfModule>
#Disable Etag
<FilesMatch "\.(css|js|png|jpg|gif|ico|ttf|ttc|otf|eot|woff|woff2|txt|xml|html|swf)(\.gz)?$">
<IfModule headers_module>
Header unset ETag
</IfModule>
FileETag None
#FileETag Size Mtime
</FilesMatch>
#Configure options
Options -MultiViews
Options +FollowSymlinks
Options All -Indexes
DirectorySlash Off
DirectoryIndex index.php
ServerSignature Off
AddDefaultCharset utf-8
AddCharset utf-8 .html .css .js .xml .json .rss .atom .jml .xjml
<IfModule php5_module>
php_value session.cookie_httponly true
</IfModule>
#Block access to certain file types
<FilesMatch "\.(htaccess|htpasswd|ini|log|sh|inc|bak)$">
Order Allow,Deny
Deny from all
</FilesMatch>
#Custom Error Document
ErrorDocument 401 /401
ErrorDocument 403 /403
ErrorDocument 404 /404
ErrorDocument 500 /500
#Enable Rewrite Engine
RewriteEngine On
#Let's Encrypt Free SSL/TLS Certificates
#RewriteRule ^(\.well-known/.*)$ $1 [L]
#Get the current CWD
RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
RewriteRule ^.*$ - [E=REDCAT_URI:%2]
#Block access to dot prefixed files and directories with exceptions
RewriteCond %{REQUEST_URI} !^(.*)\.jml
RewriteCond %{REQUEST_URI} !^(.*)\.xjml
RewriteCond %{REQUEST_URI} !^(.*)\.js
RewriteCond %{REQUEST_URI} !(^|/)\.tmp/min/(.*)
RewriteCond %{REQUEST_URI} (^|/)\.
RewriteRule ^(.*)$ %{ENV:REDCAT_URI}403 [L,R=302]
#Versioned ressources
RewriteRule ^(.*)\.redcat-deploy-([a-z0-9]{1,9})\.(|min.)(js|css)$ $1.$3$4 [L]
#Tmp min
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}%{ENV:REDCAT_URI}.tmp/min/$1.min.$2 -f
RewriteRule ^(.*)\.min\.(js|css)$ %{ENV:REDCAT_URI}.tmp/min/$1.min.$2 [L]
#Shared Mirror
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_URI} !^/shared/
#RewriteCond %{DOCUMENT_ROOT}%{ENV:REDCAT_URI}shared/$1.$2 -f
#RewriteRule ^(.*)\.(css|js|png|jpg|gif|ico|ttf|ttc|otf|eot|woff|woff2|php|txt|xml|html|swf)$ %{ENV:REDCAT_URI}shared/$1.$2 [L,QSA]
#favicon.ico
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^favicon.ico$ %{ENV:REDCAT_URI}img/favicon.ico [L]
#Pre-compressed gzip
AddEncoding gzip .gz .tgz
<IfModule version_module>
<IfVersion < 2.4.4>
<Files *.js>
ForceType application/javascript
</Files>
<Files *.css>
ForceType text/css
</Files>
<Files *.js.gz>
ForceType application/javascript
</Files>
<Files *.css.gz>
ForceType text/css
</Files>
</IfVersion>
<IfVersion >= 2.4.4>
<Files *.js.gz>
ForceType "application/javascript; charset=UTF-8"
</Files>
<Files *.css.gz>
ForceType "text/css; charset=UTF-8"
</Files>
</IfVersion>
</IfModule>
RewriteCond %{HTTP_USER_AGENT} !MSIE
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^(.*)\.min\.(js|css)$ $1.min.$2.gz [L]
#Shared Mirror for directory to index.php
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_URI} !^/shared/
#RewriteCond %{REQUEST_URI} !^/$
#RewriteCond %{DOCUMENT_ROOT}%{ENV:REDCAT_URI}shared/%{REQUEST_URI}/index.php -f
#RewriteRule ^(.*)$ %{ENV:REDCAT_URI}shared/$1/index.php [L,QSA]
#Avoid Duplicate Content on by removing index.php access
RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]
RewriteRule (.*?)/index\.php/*(.*) /$1$2 [R=301,NE,L]
#RedCat Bootstrap
RewriteCond %{DOCUMENT_ROOT}%{ENV:REDCAT_URI}%{REQUEST_URI}/index.php !-f
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
#Force remove www
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTPS} =on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
#Force add www
#RewriteCond %{HTTPS} !=on
#RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
#RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#RewriteCond %{HTTPS} =on
#RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
#RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#SSL - Avoid Duplicate-Content from SSL
#RewriteCond %{SERVER_PORT} ^443$
#RewriteRule ^robots\.txt$ %{ENV:REDCAT_URI}robots_ssl.txt [L]
#CDN - Avoid Duplicate-Content from Content-Delivery-Network
#RewriteCond %{HTTP_HOST} ^cdn\.(.+)$ [NC]
#RewriteRule ^robots\.txt$ %{ENV:REDCAT_URI}robots_cdn.txt [L]
#Domain - Canonicalize domain
#RewriteCond %{HTTP_HOST} !^my-canonical-domain.com$ [NC]
#RewriteCond %{HTTP_HOST} !^my-canonical-domain.dev$ [NC]
#CDN allow static extensions
#RewriteCond %{REQUEST_URI} !.*\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|woff2|ico|webp|appcache|manifest|htc|crx|xpi|safariextz|vcf)
#RewriteRule ^(.*)$ http://my-canonical-domain.com/$1 [L,R=301]