alphafitch/alphafitchsite/master/.htaccess - Htaccess File

alphafitch/alphafitchsite/master/.htaccess

# Disable the server signature: suppresses the footer line (server version and
# host name) that Apache appends to server-generated documents such as error
# pages.
# NOTE(review): this does not change the "Server" response header. That header
# is governed by ServerTokens, which is only valid in the main server
# configuration and cannot be set from .htaccess.

ServerSignature Off

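# Compression
#
# Compresses text-like responses with mod_deflate when the module is loaded.
# NOTE(review): on Apache 2.4 AddOutputFilterByType is provided by mod_filter;
# confirm that module is loaded as well.
# NOTE(review): text/html is compressed. Where HTML pages served over TLS carry
# secrets (for example anti-CSRF tokens) next to request-controlled content,
# review exposure to compression side channels (BREACH) and consider excluding
# those responses from DEFLATE.

<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml

  # Remove browser bugs (only needed for really old browsers).
  # The "." in the version is escaped so it matches a literal dot, and \b is
  # a word boundary: without the backslash the third pattern would look for
  # the literal text "bMSIE" and never match an MSIE user agent.
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

  # The response now depends on the User-Agent, so tell caches about it.
  # Header is a mod_headers directive; guarding it keeps a server without
  # mod_headers from failing every request with a 500.
  <IfModule mod_headers.c>
    Header append Vary User-Agent
  </IfModule>
</IfModule>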

# File caching
#
# Sets Expires / Cache-Control max-age per content type, relative to the time
# of the client's access. Any type not listed below gets ExpiresDefault.

<IfModule mod_expires.c>
  ExpiresActive on

  # Fallback for every content type without its own rule
  ExpiresDefault "access plus 1 month"

  # Documents, data and manifests: always revalidate
  ExpiresByType text/html "access plus 0 seconds"
  ExpiresByType application/json "access plus 0 seconds"
  ExpiresByType application/xml "access plus 0 seconds"
  ExpiresByType text/xml "access plus 0 seconds"
  ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
  ExpiresByType text/cache-manifest "access plus 0 seconds"

  # Feeds
  ExpiresByType application/atom+xml "access plus 1 hour"
  ExpiresByType application/rss+xml "access plus 1 hour"

  # Stylesheets and scripts
  ExpiresByType text/css "access plus 1 week"
  ExpiresByType application/javascript "access plus 1 week"

  # Images
  ExpiresByType image/x-icon "access plus 1 week"
  ExpiresByType image/gif "access plus 1 week"
  ExpiresByType image/jpeg "access plus 1 week"
  ExpiresByType image/png "access plus 1 week"
  ExpiresByType image/svg+xml "access plus 1 week"

  # Audio and video
  ExpiresByType audio/ogg "access plus 1 week"
  ExpiresByType video/mp4 "access plus 1 week"
  ExpiresByType video/ogg "access plus 1 week"
  ExpiresByType video/webm "access plus 1 week"

  # Web fonts
  ExpiresByType application/font-woff2 "access plus 1 week"
  ExpiresByType application/font-woff "access plus 1 week"
  ExpiresByType application/vnd.ms-fontobject "access plus 1 week"
  ExpiresByType application/x-font-ttf "access plus 1 week"
  ExpiresByType font/opentype "access plus 1 week"

  # HTML components (.htc)
  ExpiresByType text/x-component "access plus 1 month"
</IfModule>

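# Deny access to backup and source files
#
# Matches file names ending in one of the listed extensions, or in "~"
# (editor backup copies). The leading dot is escaped so that only a real
# extension matches; an unescaped "." matches any character and would also
# deny unrelated names that merely end in those letters (e.g. "flash").
# "Require all denied" is Apache 2.4 (mod_authz_core) syntax.

<FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$">
  Require all denied
</FilesMatch>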

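# Disable directory browsing
#
# Only removes Indexes from the inherited option set. Apache 2.4 rejects an
# Options line that mixes bare keywords with +/- prefixed ones ("All -Indexes"),
# and "All" would additionally switch on ExecCGI, Includes and FollowSymLinks
# for this directory tree, which is more than this file needs.
# NOTE(review): per-directory mod_rewrite rules need FollowSymLinks or
# SymLinksIfOwnerMatch to be in effect. If neither is inherited from the server
# configuration, add "+SymLinksIfOwnerMatch" to this line.

Options -Indexes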

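# Basic rewrite rules: refuse the libwww-perl user agent and block Subversion
# metadata directories.

<IfModule mod_rewrite.c>
  RewriteEngine On

  # Body sent with every 403 response. Not a rewrite directive, but kept
  # inside this section so it is only applied when mod_rewrite is loaded.
  ErrorDocument 403 "Access Forbidden"

  # Refuse any request whose path contains a ".svn/" segment. The dot is
  # escaped so it matches a literal "."; unescaped it matches any character.
  # NOTE(review): only Subversion is covered. Metadata directories of other
  # version-control tools (e.g. .git) need their own rule if they can end up
  # under the document root.
  RewriteRule ^(.*/)?\.svn/ - [F,L]

  # Refuse clients announcing themselves as libwww-perl. The User-Agent header
  # is chosen by the client, so this only reduces noise from unmodified
  # scripts; it is not an access control.
  # The substitution must be an ASCII hyphen ("-" = no substitution); a
  # typographic dash is taken as a literal target path.
  RewriteCond %{HTTP_USER_AGENT} libwww-perl
  RewriteRule .* - [F,L]
</IfModule>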

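# Block query string exploits
#
# Returns 403 when the raw (not URL-decoded) query string matches any of the
# conditions below; the conditions are OR-ed and feed the single RewriteRule.
#
# NOTE(review): this is a deny-list and defence in depth only. It inspects the
# query string alone (not the path, request body, cookies or other headers),
# so it does not replace input validation and parameterised queries in the
# application.
# NOTE(review): several patterns are broad and will reject legitimate traffic:
#   - "http:" / "https:" refuse any parameter that carries a URL (return-to
#     links, OAuth-style callbacks);
#   - "%A".."%F" refuse every percent-encoded byte >= 0xA0, i.e. most
#     non-ASCII text sent as UTF-8;
#   - the keyword lists match substrings ("select" also hits "selected",
#     "drop" hits "dropdown", "config" hits "configure").
# Test against the site's real URLs before deploying.

<IfModule mod_rewrite.c>
  # Repeated here so this section works even if it is used on its own.
  RewriteEngine On

  # Path traversal and well-known probe targets. Dots are escaped so they
  # match a literal "." rather than any character.
  RewriteCond %{QUERY_STRING} \.\./    [NC,OR]
  RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
  RewriteCond %{QUERY_STRING} tag=     [NC,OR]

  # URLs inside the query string (remote file inclusion attempts)
  RewriteCond %{QUERY_STRING} ftp:     [NC,OR]
  RewriteCond %{QUERY_STRING} http:    [NC,OR]
  RewriteCond %{QUERY_STRING} https:   [NC,OR]
  RewriteCond %{QUERY_STRING} mosConfig [NC,OR]

  # Literal metacharacters: [ ] ( ) < > ' " ; ? *
  # Each regex metacharacter is backslash-escaped; unescaped, "|?" and "|*"
  # are quantifiers with nothing to repeat and the pattern fails to compile.
  RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|'|"|;|\?|\*).* [NC,OR]

  # The same kind of characters in percent-encoded form: " ' < > \ { |
  RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR]

  # Encoded control characters (%00-%0F), encoded high bytes, loopback address
  RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]

  # Keywords associated with variable overwriting and SQL injection attempts
  RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR]
  RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]

  RewriteRule ^(.*)$ - [F,L]
</IfModule>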
