# Don't allow people to retrieve non-cgi executable files or our private data
<FilesMatch (.pm|.pl|.psgi|.tmpl|localconfig.*|cpanfile)$>
<IfModule mod_version.c>
<IfVersion < 2.4>
Deny from all
</IfVersion>
<IfVersion >= 2.4>
Require all denied
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Deny from all
</IfModule>
</FilesMatch>
Options -Indexes
<IfModule mod_expires.c>
<IfModule mod_headers.c>
<IfModule mod_env.c>
<FilesMatch (.js|.css)$>
ExpiresActive On
# According to RFC 2616, "1 year in the future" means "never expire".
# We change the name of the file's URL whenever its modification date
# changes, so browsers can cache any individual JS or CSS URL forever.
# However, since all JS and CSS URLs involve a ? in them (for the changing
# name) we have to explicitly set an Expires header or browsers won't
# *ever* cache them.
ExpiresDefault "now plus 1 years"
Header append Cache-Control "public"
</FilesMatch>
# This lets Bugzilla know that we are properly sending Cache-Control
# and Expires headers for CSS and JS files.
SetEnv BZ_CACHE_CONTROL 1
</IfModule>
</IfModule>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteOptions inherit
RewriteRule ^rest/(.*)$ rest.cgi/$1 [NE]
</IfModule>
# config.cgi using the RDF format can generate a pretty large file (several MB).
# The XML format of bug reports can be quite large too.
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/xml application/rdf+xml
</IfModule>