paulzi/paulzi-template/master/.htaccess - Htaccess File


# Based on:
# Apache Server Configs v2.14.0 | MIT License

# Allow cross-origin requests.
# <IfModule mod_headers.c>
#     Header set Access-Control-Allow-Origin "*"
# </IfModule>

# Send the CORS header for images when browsers request it.
#<IfModule mod_setenvif.c>
#    <IfModule mod_headers.c>
#        <FilesMatch ".(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
#            SetEnvIf Origin ":" IS_CORS
#            Header set Access-Control-Allow-Origin "*" env=IS_CORS
#        </FilesMatch>
#    </IfModule>

# Allow cross-origin access to web fonts.
#<IfModule mod_headers.c>
#    <FilesMatch ".(eot|otf|tt[cf]|woff2?)$">
#        Header set Access-Control-Allow-Origin "*"
#    </FilesMatch>

# Customize what Apache returns to the client in case of an error.
# ErrorDocument 404 /404.html

# Disable the pattern matching based on filenames.
Options -MultiViews

# Force Internet Explorer 8/9/10 to render pages in the highest mode
#<IfModule mod_headers.c>
#    Header set X-UA-Compatible "IE=edge"
#    <FilesMatch ".(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
#        Header unset X-UA-Compatible
#    </FilesMatch>

# Allow cookies to be set from iframes in Internet Explorer.
# <IfModule mod_headers.c>
#     Header set P3P "policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""
# </IfModule>

# Serve resources with the proper media types (f.k.a. MIME types).
<IfModule mod_mime.c>
  # Data interchange
    AddType application/atom+xml                        atom
    AddType application/json                            json map topojson
    AddType application/ld+json                         jsonld
    AddType application/rss+xml                         rss
    AddType application/vnd.geo+json                    geojson
    AddType application/xml                             rdf xml
  # JavaScript
    AddType application/javascript                      js
  # Manifest files
    AddType application/manifest+json                   webmanifest
    AddType application/x-web-app-manifest+json         webapp
    AddType text/cache-manifest                         appcache
  # Media files
    AddType audio/mp4                                   f4a f4b m4a
    AddType audio/ogg                                   oga ogg opus
    AddType image/bmp                                   bmp
    AddType image/svg+xml                               svg svgz
    AddType image/webp                                  webp
    AddType video/mp4                                   f4v f4p m4v mp4
    AddType video/ogg                                   ogv
    AddType video/webm                                  webm
    AddType video/x-flv                                 flv
  # ico
    AddType image/x-icon                                cur ico
  # Web fonts
    AddType application/font-woff                       woff
    AddType application/font-woff2                      woff2
    AddType application/               eot
    AddType application/x-font-ttf                      ttc ttf
    AddType font/opentype                               otf
  # Other
    AddType application/octet-stream                    safariextz
    AddType application/x-bb-appworld                   bbaw
    AddType application/x-chrome-extension              crx
    AddType application/x-opera-extension               oex
    AddType application/x-xpinstall                     xpi
    AddType text/vcard                                  vcard vcf
    AddType text/vnd.rim.location.xloc                  xloc
    AddType text/vtt                                    vtt
    AddType text/x-component                            htc

# Set default encoding for all resources labeled as `text/html` or `text/plain`
AddDefaultCharset utf-8

# Serve the following file types with the media type `charset` parameter set to `UTF-8`.
<IfModule mod_mime.c>
    AddCharset utf-8 .atom 

# some rewrites
<IfModule mod_rewrite.c>
    RewriteEngine On
    Options +FollowSymlinks
    # Options +SymLinksIfOwnerMatch
    # RewriteBase /
    # RewriteCond %{HTTPS} =on
    # RewriteRule ^ - [env=proto:https]
    # RewriteCond %{HTTPS} !=on
    # RewriteRule ^ - [env=proto:http]

# Forcing `https://`
# <IfModule mod_rewrite.c>
#    RewriteEngine On
#    RewriteCond %{HTTPS} !=on
#    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
# </IfModule>

# Suppressing / Forcing the `www.` at the beginning of URLs
# Option 1: rewrite →
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP_HOST} ^www.(.+)$ [NC]
    RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Option 2: rewrite →
# <IfModule mod_rewrite.c>
#     RewriteEngine On
#     RewriteCond %{HTTPS} !=on
#     RewriteCond %{HTTP_HOST} !^www. [NC]
#     RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# </IfModule>

# Protect website against clickjacking.
<IfModule mod_headers.c>
    Header set X-Frame-Options "SAMEORIGIN"
    <FilesMatch ".(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
        Header unset X-Frame-Options

# Block access to directories without a default document.
<IfModule mod_autoindex.c>
    Options -Indexes

# Prevent some browsers from MIME-sniffing the response.
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"

# Remove the `X-Powered-By` response header that:
<IfModule mod_headers.c>
    Header unset X-Powered-By

# Prevent Apache from adding a trailing footer line containing
ServerSignature Off

# Compression
<IfModule mod_deflate.c>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE "application/atom+xml" 
    <IfModule mod_mime.c>
        AddEncoding gzip              svgz

# Remove `ETags` as resources are sent with far-future expires headers.
<IfModule mod_headers.c>
    Header unset ETag
FileETag None

# Expires headers
<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault                                      "access plus 1 month"
  # CSS
    ExpiresByType text/css                              "access plus 1 year"
  # Data interchange
    ExpiresByType application/atom+xml                  "access plus 1 hour"
    ExpiresByType application/rdf+xml                   "access plus 1 hour"
    ExpiresByType application/rss+xml                   "access plus 1 hour"
    ExpiresByType application/json                      "access plus 0 seconds"
    ExpiresByType application/ld+json                   "access plus 0 seconds"
    ExpiresByType application/schema+json               "access plus 0 seconds"
    ExpiresByType application/vnd.geo+json              "access plus 0 seconds"
    ExpiresByType application/xml                       "access plus 0 seconds"
    ExpiresByType text/xml                              "access plus 0 seconds"
  # Favicon (cannot be renamed!) and cursor images
    ExpiresByType image/              "access plus 1 week"
    ExpiresByType image/x-icon                          "access plus 1 week"
  # HTML
    ExpiresByType text/html                             "access plus 0 seconds"
  # JavaScript
    ExpiresByType application/javascript                "access plus 1 year"
    ExpiresByType application/x-javascript              "access plus 1 year"
    ExpiresByType text/javascript                       "access plus 1 year"
  # Manifest files
    ExpiresByType application/manifest+json             "access plus 1 week"
    ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
    ExpiresByType text/cache-manifest                   "access plus 0 seconds"
  # Media files
    ExpiresByType audio/ogg                             "access plus 1 month"
    ExpiresByType image/bmp                             "access plus 1 month"
    ExpiresByType image/gif                             "access plus 1 month"
    ExpiresByType image/jpeg                            "access plus 1 month"
    ExpiresByType image/png                             "access plus 1 month"
    ExpiresByType image/svg+xml                         "access plus 1 month"
    ExpiresByType image/webp                            "access plus 1 month"
    ExpiresByType video/mp4                             "access plus 1 month"
    ExpiresByType video/ogg                             "access plus 1 month"
    ExpiresByType video/webm                            "access plus 1 month"
  # Web fonts
    ExpiresByType application/         "access plus 1 month"
    ExpiresByType font/eot                              "access plus 1 month"
    ExpiresByType font/opentype                         "access plus 1 month"
    ExpiresByType application/x-font-ttf                "access plus 1 month"
    ExpiresByType application/font-woff                 "access plus 1 month"
    ExpiresByType application/x-font-woff               "access plus 1 month"
    ExpiresByType font/woff                             "access plus 1 month"
    ExpiresByType application/font-woff2                "access plus 1 month"
  # Other
    ExpiresByType text/x-cross-domain-policy            "access plus 1 week"

# Filename-based cache busting
# <IfModule mod_rewrite.c>
#     RewriteEngine On
#     RewriteCond %{REQUEST_FILENAME} !-f
#     RewriteRule ^(.+).(d+).(bmp|css|cur|gif|ico|jpe?g|js|png|svgz?|webp|webmanifest)$ $1.$3 [L]
# </IfModule>

On Github License


Download PDF of Htaccess file