# You will need "AllowOverride Options" or "AllowOverride All"
# privileges for this htaccess file to work, this is set in the
# apache httpd.conf file.
# Uncomment the following line to put the application into development mode.
#SetEnv APPLICATION_ENV development
SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
RewriteEngine On
# This rewrite rule allow us to version static files
# within the application, but not have to create symlinks or new
# versions of the files themselves. It'd be nice to be able to insert
# version numbers into the query string, but some browsers don't obey
# this for caching purposes.
RewriteRule ^(javascripts|stylesheets|images)/(.+).(.+).(js|css|jpg|gif|png)$ $1/$2.$4 [L]
# This set of rewrite rules specify that if the file exists
# under the document root directory, it should simply be served
# as a static resource. Otherwise, the request is for dynamic
# content and should be rewritten to our index.php script. Since
# all requests for non-static content will be rewritten to it,
# the index.php script serves as the entry point to our application.
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ /index.php [NC,L]
# Disable ETags
FileETag none
# Enable expirations
ExpiresActive On
# Expire static content by type
ExpiresByType application/javascript "access plus 10 years"
ExpiresByType text/css "access plus 10 years"
ExpiresByType image/gif "access plus 10 years"
ExpiresByType image/png "access plus 10 years"
ExpiresByType image/vnd.microsoft.icon "access plus 10 years"
<IfModule mod_php5.c>
# Overrides current PHP server settings to harden the server by
# turning off unwanted options which may be harmful. There are
# several Apache directives that allow you to change the PHP
# configuration from within the Apache configuration files.
# This can only be used with PHP_INI_ALL and PHP_INI_PERDIR
# type directives.
# Examples:
# php_value name value
# php_flag name on|off
# Sets the maximum upload filesize, this size will determine the
# maximum size of files OpenFISMA will accept when uploaded.
php_value upload_max_filesize 10M
php_value post_max_size 10M
# Turns off all errors, useful setting in production environments.
# php_flag display_errors Off
# Sets the magic_quotes state for GPC (Get/Post/Cookie) operations
# It is recommended that magic_quotes_gpc be disabled, and input
# filtering be handled by your PHP scripts
php_flag magic_quotes_gpc Off
# Turns off register globals
php_flag register_globals Off
</IfModule>