Mehdi-Hp/FootballOnAir.ir/master/.htaccess - Htaccess File

Mehdi-Hp/FootballOnAir.ir/master/.htaccess

#Force non-www:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.footballonair.ir [NC]
RewriteRule ^(.*)$ http://footballonair.ir/$1 [L,R=301]

#Remove trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [R=301,L]

#Clean URLs
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^([^.]+)$ $1.php [NC,L]
RewriteRule ^([^.]+)$ $1.html [NC,L]

# BEGIN GZIP
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</ifmodule>

#Allow Cross-Domain Fonts
<IfModule mod_headers.c>
    <FilesMatch ".(eot|otf|ttc|ttf|woff|woff2)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
</IfModule>

# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8

## Security stuff
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]

# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]

# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]

# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]

# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]

# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})

# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]

## End of security stuff

# disable directory browsing
Options All -Indexes

On Github License

Files

Download PDF of Htaccess file
DEFLATE, HTTP_HOST, QUERY_STRING, REQUEST_FILENAME, SCRIPT_FILENAME

Comments

Apache