Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

htaccess file recommendation

By: a guest on Mar 26th, 2013  |  syntax: None  |  size: 10.05 KB  |  views: 11  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. # From https://github.com/h5bp/html5-boilerplate/blob/master/.htaccess
  2. # Apache configuration file
  3. # httpd.apache.org/docs/2.2/mod/quickreference.html
  4.  
  5. # Note .htaccess files are an overhead, this logic should be in your Apache
  6. # config if possible: httpd.apache.org/docs/2.2/howto/htaccess.html
  7.  
  8. # Techniques in here adapted from all over, including:
  9. #   Kroc Camen: camendesign.com/.htaccess
  10. #   perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
  11. #   Sample .htaccess file of CMS MODx: modxcms.com
  12.  
  13.  
  14. # ----------------------------------------------------------------------
  15. # Better website experience for IE users
  16. # ----------------------------------------------------------------------
  17.  
  18. # Force the latest IE version, in various cases when it may fall back to IE7 mode
  19. #  github.com/rails/rails/commit/123eb25#commitcomment-118920
  20. # Use ChromeFrame if it's installed for a better experience for the poor IE folk
  21.  
  22. <IfModule mod_headers.c>
  23.   Header set X-UA-Compatible "IE=Edge,chrome=1"
  24.   # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
  25.   <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
  26.     Header unset X-UA-Compatible
  27.   </FilesMatch>
  28. </IfModule>
  29.  
  30.  
  31.  
  32. # ----------------------------------------------------------------------
  33. # CORS-enabled images (@crossorigin)
  34. # ----------------------------------------------------------------------
  35.  
  36. # Send CORS headers if browsers request them; enabled by default for images.
  37. # developer.mozilla.org/en/CORS_Enabled_Image
  38. # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
  39. # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
  40. # wiki.mozilla.org/Security/Reviews/crossoriginAttribute
  41.  
  42. <IfModule mod_setenvif.c>
  43.   <IfModule mod_headers.c>
  44.     # mod_headers, y u no match by Content-Type?!
  45.     <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
  46.       SetEnvIf Origin ":" IS_CORS
  47.       Header set Access-Control-Allow-Origin "*" env=IS_CORS
  48.     </FilesMatch>
  49.   </IfModule>
  50. </IfModule>
  51.  
  52.  
  53. # ----------------------------------------------------------------------
  54. # Webfont access
  55. # ----------------------------------------------------------------------
  56.  
  57. # Allow access from all domains for webfonts.
  58. # Alternatively you could only whitelist your
  59. # subdomains like "subdomain.example.com".
  60.  
  61. <IfModule mod_headers.c>
  62.   <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">
  63.     Header set Access-Control-Allow-Origin "*"
  64.   </FilesMatch>
  65. </IfModule>
  66.  
  67.  
  68. # ----------------------------------------------------------------------
  69. # Proper MIME type for all files
  70. # ----------------------------------------------------------------------
  71.  
  72. # JavaScript
  73. #   Normalize to standard type (it's sniffed in IE anyways)
  74. #   tools.ietf.org/html/rfc4329#section-7.2
  75. AddType application/javascript         js jsonp
  76. AddType application/json               json
  77.  
  78. # Audio
  79. AddType audio/mp4                      m4a f4a f4b
  80. AddType audio/ogg                      oga ogg
  81.  
  82. # Video
  83. AddType video/mp4                      mp4 m4v f4v f4p
  84. AddType video/ogg                      ogv
  85. AddType video/webm                     webm
  86. AddType video/x-flv                    flv
  87.  
  88. # SVG
  89. #   Required for svg webfonts on iPad
  90. #   twitter.com/FontSquirrel/status/14855840545
  91. AddType     image/svg+xml              svg svgz
  92. AddEncoding gzip                       svgz
  93.  
  94. # Webfonts
  95. AddType application/vnd.ms-fontobject  eot
  96. AddType application/x-font-ttf         ttf ttc
  97. AddType application/x-font-woff        woff
  98. AddType font/opentype                  otf
  99.  
  100. # Assorted types
  101. AddType application/octet-stream            safariextz
  102. AddType application/x-chrome-extension      crx
  103. AddType application/x-opera-extension       oex
  104. AddType application/x-shockwave-flash       swf
  105. AddType application/x-web-app-manifest+json webapp
  106. AddType application/x-xpinstall             xpi
  107. AddType application/xml                     rss atom xml rdf
  108. AddType image/webp                          webp
  109. AddType image/x-icon                        ico
  110. AddType text/cache-manifest                 appcache manifest
  111. AddType text/vtt                            vtt
  112. AddType text/x-component                    htc
  113. AddType text/x-vcard                        vcf
  114.  
  115.  
  116.  
  117. # ----------------------------------------------------------------------
  118. # Gzip compression
  119. # ----------------------------------------------------------------------
  120.  
  121. <IfModule mod_deflate.c>
  122.  
  123.   # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
  124.   <IfModule mod_setenvif.c>
  125.     <IfModule mod_headers.c>
  126.       SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
  127.       RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
  128.     </IfModule>
  129.   </IfModule>
  130.  
  131.   # Compress all output labeled with one of the following MIME-types
  132.   # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
  133.   # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines as
  134.   # `AddOutputFilterByType` is still in the core directives)
  135.   <IfModule mod_filter.c>
  136.     AddOutputFilterByType DEFLATE application/atom+xml \
  137.                                   application/javascript \
  138.                                   application/json \
  139.                                   application/rss+xml \
  140.                                   application/vnd.ms-fontobject \
  141.                                   application/x-font-ttf \
  142.                                   application/xhtml+xml \
  143.                                   application/xml \
  144.                                   font/opentype \
  145.                                   image/svg+xml \
  146.                                   image/x-icon \
  147.                                   text/css \
  148.                                   text/html \
  149.                                   text/plain \
  150.                                   text/x-component \
  151.                                   text/xml
  152.   </IfModule>
  153.  
  154. </IfModule>
  155.  
  156.  
  157. # ----------------------------------------------------------------------
  158. # Expires headers (for better cache control)
  159. # ----------------------------------------------------------------------
  160.  
  161. # These are pretty far-future expires headers.
  162. # They assume you control versioning with filename-based cache busting
  163. # Additionally, consider that outdated proxies may miscache
  164. #   www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
  165.  
  166. # If you don't use filenames to version, lower the CSS and JS to something like
  167. # "access plus 1 week".
  168.  
  169. <IfModule mod_expires.c>
  170.   ExpiresActive on
  171.  
  172. # Perhaps better to whitelist expires rules? Perhaps.
  173.   ExpiresDefault                          "access plus 1 month"
  174.  
  175. # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
  176.   ExpiresByType text/cache-manifest       "access plus 0 seconds"
  177.  
  178. # Your document html
  179.   ExpiresByType text/html                 "access plus 0 seconds"
  180.  
  181. # Data
  182.   ExpiresByType application/json          "access plus 0 seconds"
  183.   ExpiresByType application/xml           "access plus 0 seconds"
  184.   ExpiresByType text/xml                  "access plus 0 seconds"
  185.  
  186. # Feed
  187.   ExpiresByType application/atom+xml      "access plus 1 hour"
  188.   ExpiresByType application/rss+xml       "access plus 1 hour"
  189.  
  190. # Favicon (cannot be renamed)
  191.   ExpiresByType image/x-icon              "access plus 1 week"
  192.  
  193. # Media: images, video, audio
  194.   ExpiresByType audio/ogg                 "access plus 1 month"
  195.   ExpiresByType image/gif                 "access plus 1 month"
  196.   ExpiresByType image/jpeg                "access plus 1 month"
  197.   ExpiresByType image/png                 "access plus 1 month"
  198.   ExpiresByType video/mp4                 "access plus 1 month"
  199.   ExpiresByType video/ogg                 "access plus 1 month"
  200.   ExpiresByType video/webm                "access plus 1 month"
  201.  
  202. # HTC files  (css3pie)
  203.   ExpiresByType text/x-component          "access plus 1 month"
  204.  
  205. # Webfonts
  206.   ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
  207.   ExpiresByType application/x-font-ttf    "access plus 1 month"
  208.   ExpiresByType application/x-font-woff   "access plus 1 month"
  209.   ExpiresByType font/opentype             "access plus 1 month"
  210.   ExpiresByType image/svg+xml             "access plus 1 month"
  211.  
  212. # CSS and JavaScript
  213.   ExpiresByType application/javascript    "access plus 1 year"
  214.   ExpiresByType text/css                  "access plus 1 year"
  215.  
  216. </IfModule>
  217.  
  218.  
  219. # ----------------------------------------------------------------------
  220. # ETag removal
  221. # ----------------------------------------------------------------------
  222.  
  223. # FileETag None is not enough for every server.
  224. <IfModule mod_headers.c>
  225.   Header unset ETag
  226. </IfModule>
  227.  
  228. # Since we're sending far-future expires, we don't need ETags for
  229. # static content.
  230. #   developer.yahoo.com/performance/rules.html#etags
  231. FileETag None
  232.  
  233. # ----------------------------------------------------------------------
  234. # UTF-8 encoding
  235. # ----------------------------------------------------------------------
  236.  
  237. # Use UTF-8 encoding for anything served text/plain or text/html
  238. AddDefaultCharset utf-8
  239.  
  240. # Force UTF-8 for a number of file formats
  241. AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
  242.  
  243.  
  244. # ----------------------------------------------------------------------
  245. # A little more security
  246. # ----------------------------------------------------------------------
  247.  
  248. # To avoid displaying the exact version number of Apache being used, add the
  249. # following to httpd.conf (it will not work in .htaccess):
  250. # ServerTokens Prod
  251.  
  252. # "-Indexes" will have Apache block users from browsing folders without a
  253. # default document Usually you should leave this activated, because you
  254. # shouldn't allow everybody to surf through every folder on your server (which
  255. # includes rather private places like CMS system folders).
  256. <IfModule mod_autoindex.c>
  257.   Options -Indexes
  258. </IfModule>
clone this paste RAW Paste Data