API tools faq
paste
Guest User

Untitled

a guest
Oct 23rd, 2018
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.10 KB | None | 0 0
raw download clone embed print report
  1. # ----------------------------------------------------------------------
  2. # Better website experience for IE users
  3. # ----------------------------------------------------------------------
  4.  
  5. # Force the latest IE version, in various cases when it may fall back to IE7 mode
  6. # github.com/rails/rails/commit/123eb25#commitcomment-118920
  7. # Use ChromeFrame if it's installed for a better experience for the poor IE folk
  8.  
  9. <IfModule mod_headers.c>
  10. Header set X-UA-Compatible "IE=Edge,chrome=1"
  11. # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
  12. <FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
  13. Header unset X-UA-Compatible
  14. </FilesMatch>
  15. </IfModule>
  16.  
  17. # ----------------------------------------------------------------------
  18. # CORS-enabled images (@crossorigin)
  19. # ----------------------------------------------------------------------
  20.  
  21. # Send CORS headers if browsers request them; enabled by default for images.
  22. # developer.mozilla.org/en/CORS_Enabled_Image
  23. # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
  24. # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
  25. # wiki.mozilla.org/Security/Reviews/crossoriginAttribute
  26.  
  27. <IfModule mod_setenvif.c>
  28. <IfModule mod_headers.c>
  29. # mod_headers, y u no match by Content-Type?!
  30. <FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
  31. SetEnvIf Origin ":" IS_CORS
  32. Header set Access-Control-Allow-Origin "*" env=IS_CORS
  33. </FilesMatch>
  34. </IfModule>
  35. </IfModule>
  36.  
  37. # ----------------------------------------------------------------------
  38. # Expires headers (for better cache control)
  39. # ----------------------------------------------------------------------
  40.  
  41. # These are pretty far-future expires headers.
  42. # They assume you control versioning with cachebusting query params like
  43. # <script src="application.js?20100608">
  44. # Additionally, consider that outdated proxies may miscache
  45. # www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
  46.  
  47. # If you don't use filenames to version, lower the CSS and JS to something like
  48. # "access plus 1 week" or so.
  49.  
  50. <IfModule mod_expires.c>
  51. ExpiresActive on
  52.  
  53. # Perhaps better to whitelist expires rules? Perhaps.
  54. ExpiresDefault "access plus 1 month"
  55.  
  56. # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
  57. ExpiresByType text/cache-manifest "access plus 0 seconds"
  58.  
  59. # Your document html
  60. ExpiresByType text/html "access plus 0 seconds"
  61.  
  62. # Data
  63. ExpiresByType text/xml "access plus 0 seconds"
  64. ExpiresByType application/xml "access plus 0 seconds"
  65. ExpiresByType application/json "access plus 0 seconds"
  66.  
  67. # Feed
  68. ExpiresByType application/rss+xml "access plus 1 hour"
  69. ExpiresByType application/atom+xml "access plus 1 hour"
  70.  
  71. # Favicon (cannot be renamed)
  72. ExpiresByType image/x-icon "access plus 1 week"
  73.  
  74. # Media: images, video, audio
  75. ExpiresByType image/gif "access plus 1 month"
  76. ExpiresByType image/png "access plus 1 month"
  77. ExpiresByType image/jpg "access plus 1 month"
  78. ExpiresByType image/jpeg "access plus 1 month"
  79. ExpiresByType video/ogg "access plus 1 month"
  80. ExpiresByType audio/ogg "access plus 1 month"
  81. ExpiresByType video/mp4 "access plus 1 month"
  82. ExpiresByType video/webm "access plus 1 month"
  83.  
  84. # HTC files (css3pie)
  85. ExpiresByType text/x-component "access plus 1 month"
  86.  
  87. # Webfonts
  88. ExpiresByType application/x-font-ttf "access plus 1 month"
  89. ExpiresByType font/opentype "access plus 1 month"
  90. ExpiresByType application/x-font-woff "access plus 1 month"
  91. ExpiresByType image/svg+xml "access plus 1 month"
  92. ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
  93.  
  94. # CSS and JavaScript
  95. ExpiresByType text/css "access plus 1 week"
  96. ExpiresByType application/javascript "access plus 1 week"
  97.  
  98. </IfModule>
  99.  
  100. # ----------------------------------------------------------------------
  101. # ETag removal
  102. # ----------------------------------------------------------------------
  103.  
  104. # FileETag None is not enough for every server.
  105. <IfModule mod_headers.c>
  106. Header unset ETag
  107. </IfModule>
  108.  
  109. # Since we're sending far-future expires, we don't need ETags for
  110. # static content.
  111. # developer.yahoo.com/performance/rules.html#etags
  112. FileETag None
  113.  
  114. # ----------------------------------------------------------------------
  115. # Start rewrite engine
  116. # ----------------------------------------------------------------------
  117.  
  118. # Turning on the rewrite engine is necessary for the following rules and features.
  119. # FollowSymLinks must be enabled for this to work.
  120.  
  121. <IfModule mod_rewrite.c>
  122. Options +FollowSymlinks
  123. RewriteEngine On
  124. </IfModule>
  125.  
  126. # ----------------------------------------------------------------------
  127. # Suppress or force the "www." at the beginning of URLs
  128. # ----------------------------------------------------------------------
  129.  
  130. # The same content should never be available under two different URLs - especially not with and
  131. # without "www." at the beginning, since this can cause SEO problems (duplicate content).
  132. # That's why you should choose one of the alternatives and redirect the other one.
  133.  
  134. # By default option 1 (no "www.") is activated. Remember: Shorter URLs are sexier.
  135. # no-www.org/faq.php?q=class_b
  136.  
  137. # If you rather want to use option 2, just comment out all option 1 lines
  138. # and uncomment option 2.
  139. # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
  140.  
  141. # ----------------------------------------------------------------------
  142.  
  143. # Option 1:
  144. # Rewrite "www.example.com -> example.com"
  145.  
  146. <IfModule mod_rewrite.c>
  147. RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
  148. RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
  149.  
  150. # uncomment for HTTPS
  151. #RewriteCond %{HTTPS} !on
  152. #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
  153. </IfModule>
  154.  
  155. # ----------------------------------------------------------------------
  156.  
  157. # Option 2:
  158. # To rewrite "example.com -> www.example.com" uncomment the following lines.
  159. # Be aware that the following rule might not be a good idea if you
  160. # use "real" subdomains for certain parts of your website.
  161.  
  162. # <IfModule mod_rewrite.c>
  163. # RewriteCond %{HTTPS} !=on
  164. # RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
  165. # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
  166. # </IfModule>
  167.  
  168. # ----------------------------------------------------------------------
  169. # Prevent 404 errors for non-existing redirected folders
  170. # ----------------------------------------------------------------------
  171.  
  172. # without -MultiViews, Apache will give a 404 for a rewrite if a folder of the same name does not exist
  173. # e.g. /blog/hello : webmasterworld.com/apache/3808792.htm
  174.  
  175. Options -MultiViews
  176.  
  177. # ----------------------------------------------------------------------
  178. # Custom 404 page
  179. # ----------------------------------------------------------------------
  180.  
  181. # You can add custom pages to handle 500 or 403 pretty easily, if you like.
  182. #ErrorDocument 404 /404
  183.  
  184. # ----------------------------------------------------------------------
  185. # UTF-8 encoding
  186. # ----------------------------------------------------------------------
  187.  
  188. # Use UTF-8 encoding for anything served text/plain or text/html
  189. AddDefaultCharset utf-8
  190.  
  191. # Force UTF-8 for a number of file formats
  192. AddCharset utf-8 .css .js .xml .json .rss .atom
  193.  
  194. # ----------------------------------------------------------------------
  195. # A little more security
  196. # ----------------------------------------------------------------------
  197.  
  198. # "-Indexes" will have Apache block users from browsing folders without a default document
  199. # Usually you should leave this activated, because you shouldn't allow everybody to surf through
  200. # every folder on your server (which includes rather private places like CMS system folders).
  201. <IfModule mod_autoindex.c>
  202. Options -Indexes
  203. </IfModule>
  204.  
  205.  
  206. # Block access to "hidden" directories whose names begin with a period. This
  207. # includes directories used by version control systems such as Subversion or Git.
  208. <IfModule mod_rewrite.c>
  209. RewriteCond %{SCRIPT_FILENAME} -d
  210. RewriteCond %{SCRIPT_FILENAME} -f
  211. RewriteRule "(^|/)\." - [F]
  212. </IfModule>
  213.  
  214.  
  215. # Block access to backup and source files
  216. # This files may be left by some text/html editors and
  217. # pose a great security danger, when someone can access them
  218. <FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
  219. Order allow,deny
  220. Deny from all
  221. Satisfy All
  222. </FilesMatch>
  223.  
  224.  
  225. <IfModule mod_rewrite.c>
  226.  
  227. RewriteEngine On
  228.  
  229. ## Unless directory, remove trailing slash
  230. RewriteCond %{ENV:REDIRECT_STATUS} !200
  231. RewriteCond %{REQUEST_FILENAME} !-d
  232. RewriteRule ^(.+)/$ /$1 [R=301,NE,L]
  233.  
  234. ## forward all requests to public/index.php
  235. RewriteCond %{REQUEST_FILENAME} !-f
  236. RewriteCond %{REQUEST_FILENAME} !-d
  237. RewriteRule ^ public/index.php [L]
  238.  
  239. </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!