-
Notifications
You must be signed in to change notification settings - Fork 2
/
.htaccess
173 lines (120 loc) · 4.1 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
RewriteEngine on
# redirect www. to non-www.
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
##############
### ROUTES ###
##############
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ %{ENV:BASE}index.php [L,NC,QSA]
##################
### END ROUTES ###
##################
#################
### headers ###
#################
Header set Access-Control-Allow-Methods "POST,GET"
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Private-Network "true"
## age : 31536000 seconds / 365 days
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
## deni frames
Header set Content-Security-Policy "frame-ancestors 'none'"
Header set X-Frame-Options "DENY"
## no sniff
Header set X-Content-Type-Options "nosniff"
## XSS
Header set X-XSS-Protection "1; mode=block"
####################
### end headers ###
####################
#################
### CACHE ###
#################
# SetOutputFilter DEFLATE
## do not cache if these files are already cached
SetEnvIfNoCase Request_URI \.(gif|jpe?g|png|webp)$ no-gzip
## manage very olds browsers
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
## PROXIES
Header append Vary User-Agent env=!dont-vary
## Expire headers
## Expires : 24h -> 86400 | 48h -> 172800 | 8 days -> 691200
## 6 motnhs ~ 184 days -> 15897600 | 1 month -> 2678400
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 15897600 seconds"
ExpiresByType image/jpg "access plus 15897600 seconds"
ExpiresByType image/jpeg "access plus 15897600 seconds"
ExpiresByType image/png "access plus 15897600 seconds"
ExpiresByType image/gif "access plus 15897600 seconds"
ExpiresByType image/ico "access plus 15897600 seconds"
ExpiresByType image/icon "access plus 15897600 seconds"
ExpiresByType image/x-icon "access plus 15897600 seconds"
ExpiresByType text/css "access plus 2678400 seconds"
ExpiresByType text/javascript "access plus 2678400 seconds"
ExpiresByType text/html "access plus 2678400 seconds"
</IfModule>
## END Expire headers
## Cache-Control Headers
## cache in seconds : 24h -> 86400 | 48 h -> 172800 | 8 days -> 691200
## 6 motnhs ~ 184 days -> 15897600 | 1 month -> 2678400
<IfModule mod_headers.c>
<FilesMatch "\.(ico|x-icon|jpe?g|png|gif|webp|swf|gz|ttf|woff2)$">
Header set Cache-Control "max-age=15897600, public, must-revalidate"
</FilesMatch>
<FilesMatch "\.(css)$">
Header set Cache-Control "max-age=2678400, public, must-revalidate"
</FilesMatch>
<FilesMatch "\.(js)$">
Header set Cache-Control "max-age=2678400, public, must-revalidate"
</FilesMatch>
<filesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=2678400, public, must-revalidate"
</filesMatch>
## Disable caching for scripts and other dynamic files
<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
## DO NOT CACHE api_loader.js / cache too main.js if bug imgs loading in slider
<Files api_loader.js>
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</Files>
</IfModule>
## END Cache-Control Headers
#################
### END CACHE ###
#################
## UNSET ETAGS
Header unset ETag
FileETag none
############
## ERRORS ##
############
## Determine if the request does not match an existing file or directory
RewriteCond %{REQUEST_FILENAME} !-f
## If so, send the request to the applicable file, relative to this directory
RewriteRule ^ %{ENV:BASE}404.php [L]
ErrorDocument 404 /404.php
ErrorDocument 500 /404.php
################
## END ERRORS ##
################
## CHARSET
AddDefaultCharset utf-8
## PROTECT READ DIRECTORIES
Options -Indexes
## protect the htaccess file
<files .htaccess>
order allow,deny
deny from all
</files>