forked from Creare/magento-htaccess
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
195 lines (148 loc) · 6.39 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
## THIS IS A PARTIAL FILE - ASPECTS OF YOUR EXISTING HTACCESS FILE WILL BE NEEDED.
## THIS IS FORKED FROM https://github.com/magento/magento2/blob/develop/.htaccess
## USE AT OWN RISK :)
### Protect .htaccess
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
##### Recognise SSL when set at a load balancer/proxy level (for CloudFlare) #####
SetEnvIf X-Forwarded-Proto https HTTPS=on
##### Add support for SVG Graphics and CSS3 Pie #####
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
AddType text/x-component .htc
DirectoryIndex index.php
##### Necessary redirects and rewrites for search engines #####
##### mod_deflate compresses your output to lower the file size being sent to the client #####
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
php_flag zlib.output_compression on
</IfModule>
<Files *.php>
SetOutputFilter DEFLATE
</Files>
<IfModule mod_ssl.c>
SSLOptions StdEnvVars
</IfModule>
##### Header Directives #####
<ifModule mod_headers.c>
Header unset ETag
Header unset Last-Modified
</ifModule>
##### disable POST processing to not break multiple image upload #####
# To disable mod_security in your VirtualHost configuration, add the following:
# <LocationMatch "/(admin|downloader)">
# <IfModule mod_security2.c>
# SecRuleEngine Off
# </IfModule>
# </LocationMatch>
<IfModule mod_security.c>
#SecRuleEngine Off
SecFilterScanPOST Off
</IfModule>
##### Enable apache served files compression #####
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-httpd-php
AddOutputFilterByType DEFLATE application/cgi-php5
AddOutputFilterByType DEFLATE application/cgi-php53
AddOutputFilterByType DEFLATE application/cgi-php54
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:pdf|doc)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:avi|mov|mp3|mp4|rm)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
</IfModule>
##### Mod gzip and caching for improved site speed #####
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
##### Default expires headers for all file types #####
##### Not recommended for development environment #####
<ifModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 216000 seconds"
ExpiresByType application/x-javascript "access plus 216000 seconds"
</ifModule>
##### Mime Type Caching #####
<IfModule mod_mime.c>
##### AUDIO #####
AddType audio/mp4 m4a f4a f4b
AddType audio/ogg oga ogg
##### JAVASCRIPT #####
# Normalize to standard type (it's sniffed in IE anyways):
# http://tools.ietf.org/html/rfc4329#section-7.2
AddType application/javascript js jsonp
AddType application/json json
##### VIDEO #####
AddType video/mp4 mp4 m4v f4v f4p
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
##### WEB FONTS #####
AddType application/font-woff woff
AddType application/vnd.ms-fontobject eot
##### Browsers usually ignore the font MIME types #####
##### and sniff the content, however, Chrome shows #####
##### a warning if other MIME types are used for #####
##### the following fonts. #####
AddType application/x-font-ttf ttc ttf
AddType font/opentype otf
##### OTHER #####
AddType application/octet-stream safariextz
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-shockwave-flash swf
AddType application/x-web-app-manifest+json webapp
AddType application/x-xpinstall xpi
AddType application/xml atom rdf rss xml
AddType image/webp webp
AddType image/x-icon ico
AddType text/cache-manifest appcache manifest
AddType text/vtt vtt
AddType text/x-component htc
AddType text/x-vcard vcf
</IfModule>
<IfModule mod_mime.c>
AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml
</IfModule>
##### Disable ETags http://developer.yahoo.com/performance/rules.html#etags #####
FileETag None
##### Prevent character encoding issues from server overrides #####
AddDefaultCharset Off
#AddDefaultCharset UTF-8
##### Force IE8 compatibility when using IE8+ #####
##### May cause issues within Windows Mobile Browsers #####
BrowserMatch MSIE best-standards-support
Header set X-UA-Compatible IE=8 env=best-standards-support