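  ### PERFORMANCE ENHANCEMENTS ###

  # Remove ETags
  FileETag none

  # Add Vary: Accept-Encoding to responses.
  # Wrapped in IfModule (as the web-font block further down already does) so a
  # server without mod_headers does not fail every request on this directive.
  <IfModule mod_headers.c>
      Header append Vary: Accept-Encoding
  </IfModule>

  # Make the default charset UTF-8
  AddDefaultCharset UTF-8

  ########################### SIMPLESAML Rules ####################################
  # On admin.* hosts, map /simplesaml/... onto the bundled SimpleSAMLphp www directory.
  # RewriteEngine On is set further down in this file.
  # NOTE(review): %{HTTP_HOST} comes from the request's Host header, so this
  # condition is routing, not access control. The SimpleSAMLphp endpoints still
  # have to enforce their own authentication - confirm.
  RewriteCond %{HTTP_HOST} ^admin\..*$
  RewriteRule ^simplesaml/(.*)$ /silverstripe-ssp/thirdparty/simplesamlphp/simplesamlphp/www/$1 [L,PT]
  ######################### END SIMPLESAML RULES ##################################

  ### END PERFORMANCE ENHANCEMENTS ###

  ### ADMIN ROBOTS.TXT ###
  # Serve a dedicated robots file on the admin host.
  RewriteCond %{HTTP_HOST} ^admin\.
  RewriteRule ^robots\.txt$ /site/admin_robots.txt [L]

  ### BLOCK SEARCH ENGINES FROM THE ADMIN DOMAIN ###
  # Answer 403 to the listed crawlers on admin.*, except for the robots file itself.
  # The User-Agent tests use [NC]: RewriteCond patterns are case-sensitive by
  # default and crawler tokens are not consistently capitalised (Bing's crawler
  # identifies itself as "bingbot"), so the original "Bingbot" test did not match it.
  # The User-Agent header is client-supplied; this keeps well-behaved crawlers
  # out of the index and is not a substitute for authentication on the admin host.
  RewriteCond %{HTTP_HOST} ^admin\.
  RewriteCond %{REQUEST_URI} !^/site/admin_robots\.txt$
  RewriteCond %{HTTP_USER_AGENT} Googlebot [NC,OR]
  RewriteCond %{HTTP_USER_AGENT} Bingbot [NC,OR]
  RewriteCond %{HTTP_USER_AGENT} msnbot [NC,OR]
  RewriteCond %{HTTP_USER_AGENT} Slurp [NC]
  RewriteRule .* - [F,L]

  # Block access to the assets folder (currently disabled)
  #RewriteRule ^(assets$)|(assets/$) page-not-found [L]
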
  ### SILVERSTRIPE START ###
  ######################################################################################################
  ### NOTE: Any extra GET parameters must be added AFTER {QUERY_STRING}.                             ###
  ### That way users cannot overwrite those variables by adding their own GET vars.                  ###
  ######################################################################################################

  ########## WEB FONTS #####################
  # MIME types for the font formats served by the site.
  AddType font/ttf .ttf
  AddType font/eot .eot
  AddType font/otf .otf
  AddType font/woff .woff

  # Allow any origin to load the font files. The wildcard CORS header is scoped
  # to the font extensions only and is skipped when mod_headers is not loaded.
  <FilesMatch "\.(ttf|otf|eot|woff)$">
      <IfModule mod_headers.c>
          Header set Access-Control-Allow-Origin "*"
      </IfModule>
  </FilesMatch>
  ######### END WEB FONTS ###################

  # The <Files> sections below use Apache 2.2-style access directives
  # (Order/Deny/Allow); on Apache 2.4 they require mod_access_compat.

  # SilverStripe templates: readable from localhost only.
  <Files *.ss>
      Order deny,allow
      Deny from all
      Allow from 127.0.0.1
  </Files>

  # web.config is never served.
  <Files web.config>
      Order deny,allow
      Deny from all
  </Files>

  # All yml files are denied because developers might put sensitive information
  # in them. See the docs for work-arounds to serve some yaml files.
  <Files *.yml>
      Order allow,deny
      Deny from all
  </Files>

  # Static error pages for 404 and 500 responses.
  ErrorDocument 404 /assets/error-404.html
  ErrorDocument 500 /assets/error-500.html

  # Enable mod_rewrite for this directory; the environment variable is set
  # alongside it, presumably so the application can detect rewriting - confirm.
  SetEnv HTTP_MOD_REWRITE On
  RewriteEngine On
  RewriteBase '/'

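  # Deny access to potentially sensitive files and folders
  RewriteRule ^vendor(/|$) - [F,L,NC]
  RewriteRule silverstripe-cache(/|$) - [F,L,NC]
  RewriteRule composer\.(json|lock) - [F,L,NC]

  # Redirect legacy *.shtml URLs that are not real files to the extension-less path.
  # The dot is escaped so only a literal ".shtml" suffix matches.
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^(.*)\.shtml$ $1 [R=301,L]

  ##########################################################################################################
  ### The following lines are redirects for badly indexed urls, to avoid duplicate content pages         ###
  ##########################################################################################################

  # Disallow trailing slashes on all urls (non-admin hosts only)
  RewriteCond %{HTTP_HOST} !^admin\.(.+)$
  RewriteCond %{REQUEST_URI} ^(.+)/$
  RewriteRule ^(.+)/$ /$1 [R=301,L]

  # Block home url - silverstripe standard index page url
  RewriteRule ^index\.html$ / [L,R=301]
  RewriteRule ^home$ / [L,R=301]


  ### URL BLOCKERS ###
  # Controller urls on non admin domains are blocked by Class BassModelAsController
  # Block images (popup imageloader) urls on non-admin domains.
  # NOTE(review): a RewriteCond applies only to the single RewriteRule that
  # follows it, so the host check below guards the images rule and nothing else.
  # The "admin" and "Security" urls are not blocked by any active rule in this
  # section (the variant that included Security is commented out), and the
  # dev/build, conf, setup.php and log rules below apply on every host.
  #RewriteRule ^(Security)|(images$)|(images/$) page-not-found [L]
  RewriteCond %{HTTP_HOST} !^admin\.
  RewriteRule ^(images$)|(images/$) page-not-found [L]

  # Block dev/build
  # NOTE(review): only the exact path dev/build is matched; other dev/ routes are
  # not covered here and depend on application-level checks - confirm. The
  # rewritten request also carries isDev=1, which the query-string filter below
  # will likely match when the rules are re-run - confirm the intended result.
  RewriteRule ^dev/build$ /page-not-found?isDev=1 [L]

  # The next three rules originally had no substitution, so "[R=404,L]" was
  # parsed as the rewrite target and no flags were applied. "-" (no
  # substitution) makes the flags take effect and the request ends with a 404.

  # Block conf folder
  RewriteRule ^example/conf - [R=404,L]

  # Block setup.php
  RewriteRule ^setup\.php - [R=404,L]

  # Block log folder
  RewriteRule ^log/ - [R=404,L]

  # Block out access to dev and debug_profile
  # Redirects to "/" and drops the query string (trailing "?").
  # mod_rewrite matches the raw query string, so treat this as defence in depth;
  # the environment type still has to be locked down in the application config.
  RewriteCond %{QUERY_STRING} .*(isDev|debug_profile|debug_memory).* [NC]
  RewriteRule .* /? [R=301,L]

  # Block urls
  RewriteRule ^(.*)/silverstripe_version$ page-not-found [L]
  RewriteRule ^REVISION$ page-not-found [L]


  # Redirects that cannot be handled in the admin

  #Redirect 301 /form_2b.php? forms/entry-form?
  # L added so the redirect is issued at once instead of the rewritten URL being
  # handed to the rules that follow; the dot in ".php" is escaped.
  RewriteRule ^forms/form_2b\.php(.*)$ forms/entry-form$1 [R=301,NC,L]


  # Hand every remaining request that is not an existing file and does not end
  # in .php to the SilverStripe front controller. %1 is the request URI captured
  # by the first condition.
  # NOTE(review): url=%1 is placed before the client's query string, while the
  # note at the top of the SilverStripe section asks for added parameters to come
  # after it - confirm how framework/main.php resolves a duplicate "url" parameter.
  RewriteCond %{REQUEST_URI} ^(.*)$
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_URI} !\.php$
  RewriteRule .* framework/main.php?url=%1&%{QUERY_STRING} [L]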