Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Use the front controller as index file. It serves as a fallback solution when
- # every other rewrite/redirect fails (e.g. in an aliased environment without
- # mod_rewrite). Additionally, this reduces the matching process for the
- # start page (path "/") because otherwise Apache will apply the rewriting rules
- # to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
- #DirectoryIndex index.php
- <IfModule mod_rewrite.c>
- RewriteEngine On
- # Set Authorization header for OAuth2 for when php is running under fcgi
- RewriteCond %{HTTP:Authorization} .+
- RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- # Determine the RewriteBase automatically and set it as environment variable.
- # If you are using Apache aliases to do mass virtual hosting or installed the
- # project in a subdirectory, the base path will be prepended to allow proper
- # resolution of the app.php file and to redirect to the correct URI. It will
- # work in environments without path prefix as well, providing a safe, one-size
- # fits all solution. But as you do not need it in this case, you can comment
- # the following 2 lines to eliminate the overhead.
- RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
- RewriteRule ^(.*) - [E=BASE:%1]
- # Redirect to URI without front controller to prevent duplicate content
- # (with and without `/app.php`). Only do this redirect on the initial
- # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
- # endless redirect loop (request -> rewrite to front controller ->
- # redirect -> request -> ...).
- # So in case you get a "too many redirects" error or you always get redirected
- # to the start page because your Apache does not expose the REDIRECT_STATUS
- # environment variable, you have 2 choices:
- # - disable this feature by commenting the following 2 lines or
- # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
- # following RewriteCond (best solution)
- RewriteCond %{ENV:REDIRECT_STATUS} ^$
- RewriteRule ^index\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]
- # If the requested filename exists, simply serve it.
- # We only want to let Apache serve files and not directories.
- RewriteCond %{REQUEST_FILENAME} -f
- RewriteRule .? - [L]
- # Rewrite all other queries to the front controller.
- RewriteRule .? %{ENV:BASE}/index.php [L]
- </IfModule>
- <IfModule !mod_rewrite.c>
- <IfModule mod_alias.c>
- # When mod_rewrite is not available, we instruct a temporary redirect of
- # the start page to the front controller explicitly so that the website
- # and the generated links can still be used.
- RedirectMatch 302 ^(?!/(index\.php|index_dev\.php|app|addons|plugins|media|upgrade))(/(.*))$ /index.php$2
- # RedirectTemp cannot be used instead
- </IfModule>
- </IfModule>
- <IfModule mod_php5.c>
- # @link https://github.com/mautic/mautic/issues/1504
- php_value always_populate_raw_post_data -1
- </IfModule>
- <IfModule mod_deflate.c>
- <IfModule mod_filter.c>
- AddOutputFilterByType DEFLATE application/javascript
- AddOutputFilterByType DEFLATE application/rss+xml
- AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
- AddOutputFilterByType DEFLATE application/x-font
- AddOutputFilterByType DEFLATE application/x-font-opentype
- AddOutputFilterByType DEFLATE application/x-font-otf
- AddOutputFilterByType DEFLATE application/x-font-truetype
- AddOutputFilterByType DEFLATE application/x-font-ttf
- AddOutputFilterByType DEFLATE application/x-javascript
- AddOutputFilterByType DEFLATE font/opentype
- AddOutputFilterByType DEFLATE font/otf
- AddOutputFilterByType DEFLATE font/ttf
- AddOutputFilterByType DEFLATE image/svg+xml
- AddOutputFilterByType DEFLATE image/x-icon
- AddOutputFilterByType DEFLATE text/css
- AddOutputFilterByType DEFLATE text/javascript
- # Do not enable compression for file types that could contain secrets
- #AddOutputFilterByType DEFLATE text/html
- #AddOutputFilterByType DEFLATE text/plain
- #AddOutputFilterByType DEFLATE text/xml
- #AddOutputFilterByType DEFLATE application/xhtml+xml
- #AddOutputFilterByType DEFLATE application/xml
- #AddOutputFilterByType DEFLATE application/json
- <IfModule mod_setenvif.c>
- <IfModule mod_header.c>
- # Remove browser bugs (only needed for really old browsers)
- BrowserMatch ^Mozilla/4 gzip-only-text/html
- BrowserMatch ^Mozilla/4\.0[678] no-gzip
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
- Header append Vary User-Agent
- </IfModule>
- </IfModule>
- </IfModule>
- </IfModule>
- # Apache 2.4+
- <IfModule authz_core_module>
- # Deny access via HTTP requests to all PHP files.
- <FilesMatch "\.php$">
- # Require all denied
- </FilesMatch>
- # Deny access via HTTP requests to composer files.
- <FilesMatch "^(composer\.json|composer\.lock)$">
- Require all denied
- </FilesMatch>
- # Except those allowed below.
- <If "%{REQUEST_URI} =~ m#^/(index|index_dev|upgrade/upgrade)\.php#">
- Require all granted
- </If>
- </IfModule>
- # Fallback for Apache < 2.4
- <IfModule !authz_core_module>
- # Deny access via HTTP requests to all PHP files.
- <FilesMatch "\.php$">
- Order deny,allow
- Deny from all
- </FilesMatch>
- # Deny access via HTTP requests to composer files
- <FilesMatch "^(composer\.json|composer\.lock)$">
- Order deny,allow
- Deny from all
- </FilesMatch>
- # Except those allowed below.
- <If "%{REQUEST_URI} =~ m#^/(index|index_dev|upgrade/upgrade)\.php#">
- Order allow,deny
- Allow from all
- </If>
- </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
