1. # From https://github.com/h5bp/html5-boilerplate/blob/master/.htaccess
  2. # Apache configuration file
  3. # httpd.apache.org/docs/2.2/mod/quickreference.html
  4.  
  5. # Note: .htaccess files add overhead, so this logic should be in your Apache
  6. # config if possible: httpd.apache.org/docs/2.2/howto/htaccess.html
  7.  
  8. # Techniques in here adapted from all over, including:
  9. # Kroc Camen: camendesign.com/.htaccess
  10. # perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
  11. # Sample .htaccess file of CMS MODx: modxcms.com
  12.  
  13.  
  14. # ----------------------------------------------------------------------
  15. # Better website experience for IE users
  16. # ----------------------------------------------------------------------
  17.  
  18. # Force the latest IE version, in various cases when it may fall back to IE7 mode
  19. # github.com/rails/rails/commit/123eb25#commitcomment-118920
  20. # Use ChromeFrame if it's installed for a better experience for the poor IE folk
      # (both directives below take effect only when mod_headers is loaded)
  21.  
  22. <IfModule mod_headers.c>
  23. Header set X-UA-Compatible "IE=Edge,chrome=1"
  24. # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
      # so it is set for every response above and then unset again for the file extensions matched here.
  25. <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
  26. Header unset X-UA-Compatible
  27. </FilesMatch>
  28. </IfModule>
  29.  
  30.  
  31.  
  32. # ----------------------------------------------------------------------
  33. # CORS-enabled images (@crossorigin)
  34. # ----------------------------------------------------------------------
  35.  
  36. # Send CORS headers if browsers request them; enabled by default for images.
      # "Request them" here means the request carries an Origin header (see IS_CORS below).
      # The value sent is the wildcard "*": any site may then read the matched images
      # cross-origin, so images that must stay private should not be served under this rule.
  37. # developer.mozilla.org/en/CORS_Enabled_Image
  38. # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
  39. # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
  40. # wiki.mozilla.org/Security/Reviews/crossoriginAttribute
  41.  
  42. <IfModule mod_setenvif.c>
  43. <IfModule mod_headers.c>
  44. # mod_headers, y u no match by Content-Type?!
      # Images are therefore matched by file extension. IS_CORS is set when the Origin
      # request header contains a ":", and the header is added only when IS_CORS is set.
  45. <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
  46. SetEnvIf Origin ":" IS_CORS
  47. Header set Access-Control-Allow-Origin "*" env=IS_CORS
  48. </FilesMatch>
  49. </IfModule>
  50. </IfModule>
  51.  
  52.  
  53. # ----------------------------------------------------------------------
  54. # Webfont access
  55. # ----------------------------------------------------------------------
  56.  
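  57. # Allow access from all domains for webfonts.
  58. # Alternatively you could only whitelist your
  59. # subdomains like "subdomain.example.com".
      # Unlike the image rule, the wildcard header is sent on every response for the
      # matched files, whether or not the request has an Origin header.
      # The dot in font\.css is escaped so that only names ending in ".font.css" match;
      # an unescaped dot would match any character in that position.
  60.  
  61. <IfModule mod_headers.c>
  62. <FilesMatch "\.(eot|font\.css|otf|ttc|ttf|woff)$">
  63. Header set Access-Control-Allow-Origin "*"
  64. </FilesMatch>
  65. </IfModule>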
  66.  
  67.  
  68. # ----------------------------------------------------------------------
  69. # Proper MIME type for all files
  70. # ----------------------------------------------------------------------
  71.  
  72. # JavaScript
  73. # Normalize to standard type (it's sniffed in IE anyways)
  74. # tools.ietf.org/html/rfc4329#section-7.2
      # Each AddType line maps the listed file extensions to the Content-Type named first.
  75. AddType application/javascript js jsonp
  76. AddType application/json json
  77.  
  78. # Audio
  79. AddType audio/mp4 m4a f4a f4b
  80. AddType audio/ogg oga ogg
  81.  
  82. # Video
  83. AddType video/mp4 mp4 m4v f4v f4p
  84. AddType video/ogg ogv
  85. AddType video/webm webm
  86. AddType video/x-flv flv
  87.  
  88. # SVG
  89. # Required for svg webfonts on iPad
  90. # twitter.com/FontSquirrel/status/14855840545
  91. AddType image/svg+xml svg svgz
      # .svgz files are stored gzip-compressed; AddEncoding labels them as gzip-encoded
      # so that browsers decompress them.
  92. AddEncoding gzip svgz
  93.  
  94. # Webfonts
  95. AddType application/vnd.ms-fontobject eot
  96. AddType application/x-font-ttf ttf ttc
  97. AddType application/x-font-woff woff
  98. AddType font/opentype otf
  99.  
  100. # Assorted types
  101. AddType application/octet-stream safariextz
  102. AddType application/x-chrome-extension crx
  103. AddType application/x-opera-extension oex
  104. AddType application/x-shockwave-flash swf
  105. AddType application/x-web-app-manifest+json webapp
  106. AddType application/x-xpinstall xpi
  107. AddType application/xml rss atom xml rdf
  108. AddType image/webp webp
  109. AddType image/x-icon ico
  110. AddType text/cache-manifest appcache manifest
  111. AddType text/vtt vtt
  112. AddType text/x-component htc
  113. AddType text/x-vcard vcf
  114.  
  115.  
  116.  
  117. # ----------------------------------------------------------------------
  118. # Gzip compression
  119. # ----------------------------------------------------------------------
  120.  
  121. <IfModule mod_deflate.c>
  122.  
  123. # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
       # When a request carries one of the mangled Accept-Encoding header names matched below,
       # HAVE_Accept-Encoding is set and "gzip,deflate" is appended to the request's
       # Accept-Encoding header. Needs both mod_setenvif and mod_headers.
  124. <IfModule mod_setenvif.c>
  125. <IfModule mod_headers.c>
  126. SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
  127. RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
  128. </IfModule>
  129. </IfModule>
  130.  
  131. # Compress all output labeled with one of the following MIME-types
  132. # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
  133. # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines as
  134. # `AddOutputFilterByType` is still in the core directives)
       # NOTE(review): text/html is in this list. If dynamic pages echo request data next to
       # secrets, the compressed response length can leak information (BREACH-style);
       # confirm that compressing those pages is acceptable.
  135. <IfModule mod_filter.c>
  136. AddOutputFilterByType DEFLATE application/atom+xml \
  137. application/javascript \
  138. application/json \
  139. application/rss+xml \
  140. application/vnd.ms-fontobject \
  141. application/x-font-ttf \
  142. application/xhtml+xml \
  143. application/xml \
  144. font/opentype \
  145. image/svg+xml \
  146. image/x-icon \
  147. text/css \
  148. text/html \
  149. text/plain \
  150. text/x-component \
  151. text/xml
  152. </IfModule>
  153.  
  154. </IfModule>
  155.  
  156.  
  157. # ----------------------------------------------------------------------
  158. # Expires headers (for better cache control)
  159. # ----------------------------------------------------------------------
  160.  
  161. # These are pretty far-future expires headers.
  162. # They assume you control versioning with filename-based cache busting
  163. # Additionally, consider that outdated proxies may miscache
  164. # www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
  165.  
  166. # If you don't use filenames to version, lower the CSS and JS to something like
  167. # "access plus 1 week".
  168.  
  169. <IfModule mod_expires.c>
  170. ExpiresActive on
  171.  
  172. # Perhaps better to whitelist expires rules? Perhaps.
       # As written, the one-month default below applies to every content type that has
       # no ExpiresByType rule of its own.
  173. ExpiresDefault "access plus 1 month"
  174.  
  175. # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
  176. ExpiresByType text/cache-manifest "access plus 0 seconds"
  177.  
  178. # Your document html
  179. ExpiresByType text/html "access plus 0 seconds"
  180.  
  181. # Data
  182. ExpiresByType application/json "access plus 0 seconds"
  183. ExpiresByType application/xml "access plus 0 seconds"
  184. ExpiresByType text/xml "access plus 0 seconds"
  185.  
  186. # Feed
  187. ExpiresByType application/atom+xml "access plus 1 hour"
  188. ExpiresByType application/rss+xml "access plus 1 hour"
  189.  
  190. # Favicon (cannot be renamed)
       # so it cannot be cache-busted by filename and gets a shorter lifetime than other images.
  191. ExpiresByType image/x-icon "access plus 1 week"
  192.  
  193. # Media: images, video, audio
  194. ExpiresByType audio/ogg "access plus 1 month"
  195. ExpiresByType image/gif "access plus 1 month"
  196. ExpiresByType image/jpeg "access plus 1 month"
  197. ExpiresByType image/png "access plus 1 month"
  198. ExpiresByType video/mp4 "access plus 1 month"
  199. ExpiresByType video/ogg "access plus 1 month"
  200. ExpiresByType video/webm "access plus 1 month"
  201.  
  202. # HTC files (css3pie)
  203. ExpiresByType text/x-component "access plus 1 month"
  204.  
  205. # Webfonts
  206. ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
  207. ExpiresByType application/x-font-ttf "access plus 1 month"
  208. ExpiresByType application/x-font-woff "access plus 1 month"
  209. ExpiresByType font/opentype "access plus 1 month"
  210. ExpiresByType image/svg+xml "access plus 1 month"
  211.  
  212. # CSS and JavaScript
       # One year assumes filename-based versioning, as the notes above this block say.
  213. ExpiresByType application/javascript "access plus 1 year"
  214. ExpiresByType text/css "access plus 1 year"
  215.  
  216. </IfModule>
  217.  
  218.  
  219. # ----------------------------------------------------------------------
  220. # ETag removal
  221. # ----------------------------------------------------------------------
  222.  
  223. # FileETag None is not enough for every server.
       # So the ETag header is also stripped from responses here when mod_headers is loaded.
  224. <IfModule mod_headers.c>
  225. Header unset ETag
  226. </IfModule>
  227.  
  228. # Since we're sending far-future expires, we don't need ETags for
  229. # static content.
  230. # developer.yahoo.com/performance/rules.html#etags
       # In Apache 2.2 the default file ETag is derived from inode, mtime and size, so
       # turning it off also stops inode numbers from being exposed to clients.
  231. FileETag None
  232.  
  233. # ----------------------------------------------------------------------
  234. # UTF-8 encoding
  235. # ----------------------------------------------------------------------
  236.  
  237. # Use UTF-8 encoding for anything served text/plain or text/html
       # (an explicit charset also keeps browsers from guessing the encoding of those responses)
  238. AddDefaultCharset utf-8
  239.  
  240. # Force UTF-8 for a number of file formats
       # (the charset is attached by file extension for the types listed on the directive)
  241. AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
  242.  
  243.  
  244. # ----------------------------------------------------------------------
  245. # A little more security
  246. # ----------------------------------------------------------------------
  247.  
  248. # To avoid displaying the exact version number of Apache being used, add the
  249. # following to httpd.conf (it will not work in .htaccess):
  250. # ServerTokens Prod
       # (With Prod the Server response header is reduced to "Apache"; this hides the
       # version from casual fingerprinting only.)
  251.  
  252. # "-Indexes" will have Apache block users from browsing folders without a
  253. # default document. Usually you should leave this activated, because you
  254. # shouldn't allow everybody to surf through every folder on your server (which
  255. # includes rather private places like CMS system folders).
       # The directive is applied only when mod_autoindex is loaded. In a .htaccess file it
       # also needs AllowOverride to permit Options in the server config.
  256. <IfModule mod_autoindex.c>
  257. Options -Indexes
  258. </IfModule>