Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ----------------------------------------------------------------------
- # Start rewrite engine
- # ----------------------------------------------------------------------
- <IfModule mod_rewrite.c>
- Options +FollowSymlinks
- # Options +SymLinksIfOwnerMatch
- RewriteEngine On
- RewriteBase /
- </IfModule>
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule ^(.+)$ $1.php [QSA,L]
- # ----------------------------------------------------------------------
- # Custom error pages
- # ----------------------------------------------------------------------
- ErrorDocument 404 /404.php
- # -------------------------------
- # Prevent 404 errors for non-existing redirected folders
- # -------------------------------
- Options -MultiViews
- # ----------------------------------------------------------------------
- # Better website experience for IE users
- # ----------------------------------------------------------------------
- <IfModule mod_headers.c>
- Header set X-UA-Compatible "IE=Edge,chrome=1"
- # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
- <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
- Header unset X-UA-Compatible
- </FilesMatch>
- </IfModule>
- # ----------------------------------------------------------------------
- # CORS-enabled images (@crossorigin)
- # ----------------------------------------------------------------------
- <IfModule mod_setenvif.c>
- <IfModule mod_headers.c>
- # mod_headers, y u no match by Content-Type?!
- <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
- SetEnvIf Origin ":" IS_CORS
- Header set Access-Control-Allow-Origin "*" env=IS_CORS
- </FilesMatch>
- </IfModule>
- </IfModule>
- # ----------------------------------------------------------------------
- # Webfont access
- # ----------------------------------------------------------------------
- <IfModule mod_headers.c>
- <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">
- Header set Access-Control-Allow-Origin "*"
- </FilesMatch>
- </IfModule>
- # ----------------------------------------------------------------------
- # Proper MIME type for all files
- # ----------------------------------------------------------------------
- # JavaScript
- AddType application/javascript js jsonp
- AddType application/json json
- # Audio
- AddType audio/mp4 m4a f4a f4b
- AddType audio/ogg oga ogg
- # Video
- AddType video/mp4 mp4 m4v f4v f4p
- AddType video/ogg ogv
- AddType video/webm webm
- AddType video/x-flv flv
- # SVG
- AddType image/svg+xml svg svgz
- AddEncoding gzip svgz
- # Webfonts
- AddType application/vnd.ms-fontobject eot
- AddType application/x-font-ttf ttf ttc
- AddType application/x-font-woff woff
- AddType font/opentype otf
- # Assorted types
- AddType application/octet-stream safariextz
- AddType application/x-chrome-extension crx
- AddType application/x-opera-extension oex
- AddType application/x-shockwave-flash swf
- AddType application/x-web-app-manifest+json webapp
- AddType application/x-xpinstall xpi
- AddType application/xml rss atom xml rdf
- AddType image/webp webp
- AddType image/x-icon ico
- AddType text/cache-manifest appcache manifest
- AddType text/vtt vtt
- AddType text/x-component htc
- AddType text/x-vcard vcf
- # ----------------------------------------------------------------------
- # UTF-8 encoding
- # ----------------------------------------------------------------------
- # Use UTF-8 encoding for anything served text/plain or text/html
- AddDefaultCharset utf-8
- # Force UTF-8 for a number of file formats
- AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
- # ----------------------------------------------------------------------
- # Security
- # ----------------------------------------------------------------------
- # Block users from browsing folders without a index document
- <IfModule mod_autoindex.c>
- Options -Indexes
- </IfModule>
- # Block access to "hidden" directories or files whose names begin with a ".""
- <IfModule mod_rewrite.c>
- RewriteCond %{SCRIPT_FILENAME} -d [OR]
- RewriteCond %{SCRIPT_FILENAME} -f
- RewriteRule "(^|/)\." - [F]
- </IfModule>
- # Block access to backup and source files.
- <FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$">
- Order allow,deny
- Deny from all
- Satisfy All
- </FilesMatch>
- # Increase cookie security
- <IfModule mod_php5.c>
- php_value session.cookie_httponly true
- </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement