DirectorySlash Off
RewriteEngine On
RewriteBase /

#Prevent download confirm dialog
AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mov

# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

# Redirect to https if http
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Remove the php extension from the page source subscribe link
RewriteRule ^/newsletter/subscribe?$ /newsletter/subscribe.php [NC,L]

# Redirect /foo/ to /foo
RewriteRule ^(.*)\/(\?.*)?$ $1$2 [R=301,L,E=LOOP:1]

# Redirect /foo to /foo/index.html
RewriteCond %{ENV:REDIRECT_LOOP} !1
RewriteRule ^(.*)(\?.*)?$ $1/index.html$2 [L]

# Redirect /foo/index.html to /foo
RewriteCond %{ENV:REDIRECT_LOOP} !1
RewriteRule ^(.*)\/index.html$ /$1 [R=301,L]

#Prevent Hacks
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.html [F,L]

#Secure directories by disabling execution of scripts
AddHandler cgi-script .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI

#Block Access to htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>

#Disable directory browsing
Options All -Indexes

#No match, serve 404
ErrorDocument 404 /404/