From 0951b65571bb59004bc242e27f6b27c1cce18620 Mon Sep 17 00:00:00 2001 From: Raruto Date: Sat, 6 Feb 2021 11:05:17 +0100 Subject: [PATCH] update htaccess from https://github.com/agentejo/cockpit/pull/1404 --- .htaccess | 133 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 86 insertions(+), 47 deletions(-) diff --git a/.htaccess b/.htaccess index 66b66b9..afa8a0a 100644 --- a/.htaccess +++ b/.htaccess @@ -2,19 +2,27 @@ # Apache/PHP/Cockpit settings: # +# ---------------------------------------------------------------------- +# File access +# ---------------------------------------------------------------------- + # Deny access to application and system files from being viewed - = 2.4> - Require all denied - - - Deny from all - + = 2.4> + Require all denied + + + Deny from all + # Disable directory listings Options -Indexes +# ---------------------------------------------------------------------- +# Rewrite Engine +# ---------------------------------------------------------------------- + # Requires mod_rewrite to be enabled @@ -42,43 +50,68 @@ Options -Indexes +# ---------------------------------------------------------------------- +# Charset encoding +# ---------------------------------------------------------------------- + +# Serve all `text/html` and `text/plain` file with UTF-8 charset AddDefaultCharset utf-8 -AddType application/javascript js jsonp tag -AddType application/json json - -# Audio -AddType audio/ogg oga ogg -AddType audio/mp4 m4a f4a f4b - -# Video -AddType video/ogg ogv -AddType video/mp4 mp4 m4v f4v f4p -AddType video/webm webm -AddType video/x-flv flv - -# SVG -# Required for svg webfonts on iPad -# twitter.com/FontSquirrel/status/14855840545 -AddType image/svg+xml svg svgz -AddEncoding gzip svgz - -# Webfonts -AddType application/vnd.ms-fontobject eot -AddType application/x-font-ttf ttf ttc -AddType font/opentype otf -AddType application/x-font-woff woff - -# Assorted types -AddType image/x-icon ico -AddType image/webp webp -AddType text/cache-manifest appcache manifest -AddType text/x-component htc -AddType application/xml rss atom xml rdf -AddType text/x-vcard vcf -AddType application/x-shockwave-flash swf +# ---------------------------------------------------------------------- +# MIME Types +# ---------------------------------------------------------------------- + +# Requires mod_mime to be enabled + + + # Serve resources with the proper media types (MIME types) + + # Javascript + AddType application/javascript js jsonp tag + AddType application/json json + + # Audio + AddType audio/ogg oga ogg + AddType audio/mp4 m4a f4a f4b + + # Video + AddType video/ogg ogv + AddType video/mp4 mp4 m4v f4v f4p + AddType video/webm webm + AddType video/x-flv flv + + # SVG + # Required for svg webfonts on iPad + # twitter.com/FontSquirrel/status/14855840545 + AddType image/svg+xml svg svgz + AddEncoding gzip svgz + + # Webfonts + AddType application/vnd.ms-fontobject eot + AddType application/x-font-ttf ttf ttc + AddType font/opentype otf + AddType application/x-font-woff woff + + # Assorted types + AddType image/x-icon ico + AddType image/webp webp + AddType text/cache-manifest appcache manifest + AddType text/x-component htc + AddType application/xml rss atom xml rdf + AddType text/x-vcard vcf + AddType application/x-shockwave-flash swf + + + +# ---------------------------------------------------------------------- +# Cache Expiration +# ---------------------------------------------------------------------- +# Requires mod_expires to be enabled + + # Serve resources with a far-future expiration date. + ExpiresActive On ExpiresByType application/pdf "access plus 1 year" @@ -113,17 +146,26 @@ AddType application/x-shockwave-flash swf ExpiresByType application/javascript "access plus 1 year" ExpiresByType text/ecmascript "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" + -# ------------------------------------------------------------------------- -# Disabling ETags as they are most likely misconfigured and -# do not add functionality beyond Last-Modified -# ------------------------------------------------------------------------- +# ---------------------------------------------------------------------- +# ETags +# ---------------------------------------------------------------------- + +# Remove ETags as resources are sent with far-future expires headers. +FileETag None + +# Requires mod_headers to be enabled - # Try removing etag headers (if it's coming from proxy for example) Header unset ETag +# ------------------------------------------------------------------------- +# Compression +# ------------------------------------------------------------------------- + +# Requires mod_expires to be enabled # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/ @@ -158,6 +200,3 @@ AddType application/x-shockwave-flash swf - -# Remove ETags -FileETag None