sdempsey/dempsey-recipes/master/.htaccess - Htaccess File

sdempsey/dempsey-recipes/master/.htaccess

# ##############################################################################
# # ERRORS                                                                     #
# ##############################################################################

# ------------------------------------------------------------------------------
# | 404 error prevention                                                       |
# ------------------------------------------------------------------------------

# Disable the pattern matching based on filenames.

# This setting prevents Apache from returning a 404 error as the result
# of a rewrite when the directory with the same name does not exist.

Options -MultiViews

# ##############################################################################
# # INTERNET EXPLORER                                                          #
# ##############################################################################

# Force Internet Explorer to render pages in the highest available
# mode in the various cases when it may not.

<IfModule mod_headers.c>
    Header set X-UA-Compatible "IE=edge"
    <FilesMatch ".(appcache|atom|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcf|vtt|webapp|web[mp]|woff2?|xml|xpi)$">
        Header unset X-UA-Compatible
    </FilesMatch>
</IfModule>

# ##############################################################################
# # MEDIA TYPES AND CHARACTER ENCODINGS                                        #
# ##############################################################################

# ------------------------------------------------------------------------------
# | Media types                                                                |
# ------------------------------------------------------------------------------

# Serve resources with the proper media types (formerly known as MIME types).

<IfModule mod_mime.c>
    AddType audio/mp4                                   f4a f4b m4a
    AddType audio/ogg                                   oga ogg opus
    AddType application/json                            json map topojson
    AddType application/ld+json                         jsonld
    AddType application/vnd.geo+json                    geojson
    AddType application/javascript                      js
    AddType application/x-web-app-manifest+json         webapp
    AddType text/cache-manifest                         appcache manifest
    AddType video/mp4                                   f4v f4p m4v mp4
    AddType video/ogg                                   ogv
    AddType video/webm                                  webm
    AddType video/x-flv                                 flv
    AddType application/font-woff                       woff
    AddType application/font-woff2                      woff2
    AddType application/vnd.ms-fontobject               eot
    AddType application/x-font-ttf                      ttc ttf
    AddType font/opentype                               otf
    AddType image/svg+xml                               svg svgz
    AddType application/octet-stream                    safariextz
    AddType application/x-chrome-extension              crx
    AddType application/x-opera-extension               oex
    AddType application/x-xpinstall                     xpi
    AddType application/xml                             atom rdf rss xml
    AddType image/webp                                  webp
    AddType image/x-icon                                cur ico
    AddType text/vtt                                    vtt
    AddType text/x-component                            htc
    AddType text/x-vcard                                vcf
</IfModule>

# ------------------------------------------------------------------------------
# | Character encodings                                                        |
# ------------------------------------------------------------------------------

# Set `UTF-8` as the character encoding for all resources served with
# the media type of `text/html` or `text/plain`.
AddDefaultCharset utf-8

# Set `UTF-8` as the character encoding for other certain resources.
<IfModule mod_mime.c>
    AddCharset utf-8 .atom 
                     .css 
                     .geojson 
                     .js 
                     .json 
                     .jsonld 
                     .rss 
                     .topojson 
                     .vtt 
                     .webapp 
                     .xml
</IfModule>

# ##############################################################################
# # URL REWRITES                                                               #
# ##############################################################################

# ------------------------------------------------------------------------------
# | Rewrite engine                                                             |
# ------------------------------------------------------------------------------

<IfModule mod_rewrite.c>
    Options +FollowSymlinks
    RewriteEngine On
    RewriteBase /
</IfModule>

# ------------------------------------------------------------------------------
# | Suppressing / Forcing the `www.` at the beginning of URLs                  |
# ------------------------------------------------------------------------------

# IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!

# Option 1: rewrite www.example.com → example.com

# <IfModule mod_rewrite.c>
#     RewriteCond %{HTTPS} !=on
#     RewriteCond %{HTTP_HOST} ^www.(.+)$ [NC]
#     RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# </IfModule>

# Option 2: rewrite example.com → www.example.com

# <IfModule mod_rewrite.c>
#    RewriteCond %{HTTPS} !=on
#    RewriteCond %{HTTP_HOST} !^www. [NC]
#    RewriteCond %{SERVER_ADDR} !=127.0.0.1
#    RewriteCond %{SERVER_ADDR} !=::1
#    RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# </IfModule>

# ##############################################################################
# # SECURITY                                                                   #
# ##############################################################################

# ------------------------------------------------------------------------------
# | File access                                                                |
# ------------------------------------------------------------------------------

# Block access to directories without a default document.

<IfModule mod_autoindex.c>
    Options -Indexes
</IfModule>

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

# Block access to all hidden files and directories with the exception of the
# visible content from within the `/.well-known/` hidden directory.

<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_URI} "!(^|/).well-known/([^./]+./?)+$" [NC]
    RewriteCond %{SCRIPT_FILENAME} -d [OR]
    RewriteCond %{SCRIPT_FILENAME} -f
    RewriteRule "(^|/)." - [F]
</IfModule>

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

# Block access to files that can expose sensitive information.

<FilesMatch "(^#.*#|.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$">

    # Apache < 2.3
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy All
    </IfModule>

    # Apache ≥ 2.3
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>

</FilesMatch>

<Files ~ "^.*.([Hh][Tt][Aa])">

    # Apache < 2.3
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy All
    </IfModule>

    # Apache ≥ 2.3
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>

</Files>

# ------------------------------------------------------------------------------
# | Reducing MIME type security risks                                          |
# ------------------------------------------------------------------------------

# Prevent some browsers from MIME-sniffing the response.

<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
</IfModule>

# ------------------------------------------------------------------------------
# | Reflected Cross-Site Scripting (XSS) attacks                               |
# ------------------------------------------------------------------------------

<IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    <FilesMatch ".(appcache|atom|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcf|vtt|webapp|web[mp]|woff2?|xml|xpi)$">
        Header unset X-XSS-Protection
    </FilesMatch>
</IfModule>

# ##############################################################################
# # WEB PERFORMANCE                                                            #
# ##############################################################################

# ------------------------------------------------------------------------------
# | Compression                                                                |
# ------------------------------------------------------------------------------

<IfModule mod_deflate.c>

    # Force compression for mangled headers.
    #
    <IfModule mod_setenvif.c>
        <IfModule mod_headers.c>
            SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)s*,?s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
            RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
        </IfModule>
    </IfModule>

    # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    # Mark certain resources as been compressed in order to:
    #
    #  1) prevent Apache from recompressing them
    #  2) ensure that they are served with the correct
    #     `Content-Encoding` HTTP response header

    <IfModule mod_mime.c>
        AddEncoding gzip              svgz
    </IfModule>

    # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    # Compress all output labeled with one of the following media types.

    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE "application/atom+xml" 
                                      "application/javascript" 
                                      "application/json" 
                                      "application/ld+json" 
                                      "application/manifest+json" 
                                      "application/rdf+xml" 
                                      "application/rss+xml" 
                                      "application/schema+json" 
                                      "application/vnd.geo+json" 
                                      "application/vnd.ms-fontobject" 
                                      "application/x-font-ttf" 
                                      "application/x-javascript" 
                                      "application/x-web-app-manifest+json" 
                                      "application/xhtml+xml" 
                                      "application/xml" 
                                      "font/eot" 
                                      "font/opentype" 
                                      "image/bmp" 
                                      "image/svg+xml" 
                                      "image/vnd.microsoft.icon" 
                                      "image/x-icon" 
                                      "text/cache-manifest" 
                                      "text/css" 
                                      "text/html" 
                                      "text/javascript" 
                                      "text/plain" 
                                      "text/vcard" 
                                      "text/vnd.rim.location.xloc" 
                                      "text/vtt" 
                                      "text/x-component" 
                                      "text/x-cross-domain-policy" 
                                      "text/xml"
    </IfModule>

</IfModule>

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

On Github License

Files

Download PDF of Htaccess file
DEFLATE, HTTP_HOST, HTTPS, REQUEST_FILENAME, REQUEST_URI, SCRIPT_FILENAME, SERVER_ADDR, TIME

Comments

Apache