Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
htaccess that can protect an environment
#
# .htaccess
# Apache Configuration File
#
# This code has been assembed from various places. A LOT of it came from
# the HTML boilerplate. See their awesome stuff here: http://html5boilerplate.com/
#
# Created by Jesse Bunch on 2011-04-15.
# Copyright 2011 Jesse Bunch (www.GetBunch.com). All rights reserved.
#
# Force the latest IE version, in various cases when it may fall back to IE7 mode
# github.com/rails/rails/commit/123eb25#commitcomment-118920
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
BrowserMatch MSIE ie
Header set X-UA-Compatible "IE=Edge,chrome=1" env=ie
</IfModule>
</IfModule>
# hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
# Disabled. Uncomment to serve cross-domain ajax requests
#<IfModule mod_headers.c>
# Header set Access-Control-Allow-Origin "*"
#</IfModule>
# allow access from all domains for webfonts
# alternatively you could only whitelist
# your subdomains like "sub.domain.com"
<FilesMatch "\.(ttf|otf|eot|woff|font.css)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
# HTC Files (for IE hacks)
AddType text/x-component .htc
# video
AddType video/ogg ogg ogv
AddType video/mp4 mp4
AddType video/webm webm
# Proper svg serving. Required for svg webfonts on iPad
# twitter.com/FontSquirrel/status/14855840545
AddType image/svg+xml svg svgz
# webfonts
AddType application/vnd.ms-fontobject eot
AddType font/ttf ttf
AddType font/otf otf
AddType font/x-woff woff
AddType text/cache-manifest manifest
# gzip compression.
<IfModule mod_deflate.c>
# html, xml, css, and js:
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript text/javascript application/javascript application/json text/js
# webfonts and svg:
<FilesMatch "\.(ttf|otf|eot|svg)$" >
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
# Far-Future Expires Headers
# Uncomment when you go-live
# <IfModule mod_expires.c>
# Header set cache-control: public
# ExpiresActive on
#
# # Perhaps better to whitelist expires rules? Perhaps.
# ExpiresDefault "access plus 1 month"
#
# # cache.manifest needs re-reqeusts in FF 3.6 (thx Remy ~Introducing HTML5)
# ExpiresByType text/cache-manifest "access plus 0 seconds"
#
# # your document html
# ExpiresByType text/html "access"
#
# # rss feed
# ExpiresByType application/rss+xml "access plus 1 hour"
#
# # favicon (cannot be renamed)
# ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
#
# # media: images, video, audio
# ExpiresByType image/png "access plus 1 month"
# ExpiresByType image/jpg "access plus 1 month"
# ExpiresByType image/jpeg "access plus 1 month"
# ExpiresByType video/ogg "access plus 1 month"
# ExpiresByType audio/ogg "access plus 1 month"
# ExpiresByType video/mp4 "access plus 1 month"
#
# # webfonts
# ExpiresByType font/ttf "access plus 1 month"
# ExpiresByType font/woff "access plus 1 month"
# ExpiresByType image/svg+xml "access plus 1 month"
#
# # css and javascript
# ExpiresByType text/css "access plus 1 week"
# ExpiresByType application/javascript "access plus 1 week"
# ExpiresByType text/javascript "access plus 1 week"
# </IfModule>
# Since we're sending far-future expires, we don't need ETags for
# static content.
# developer.yahoo.com/performance/rules.html#etags
FileETag None
RewriteEngine On
RewriteBase /
# Vanity URLs (use these instead of Redirect 301)
# See this thread: http://stackoverflow.com/questions/5517420/apache-added-a-in-htaccess-301-redirect
# RewriteRule ^expandyourtaste[\/]?$ http://domain.com/mobile/expandyourtaste/ [R=301,L,NC]
# Whitelist allowed IPs into the staging environment
# Keeps search engines away
RewriteCond %{REMOTE_ADDR} !^10\.1\.10\.[0-9]*$
RewriteCond %{REMOTE_ADDR} !^22\.33\.44\.55$
RewriteCond %{HTTP_HOST} ^staging.domain.com
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
# remove the www
# RewriteCond %{HTTP_HOST} ^www.domain.com$ [NC]
# RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]
# add the www
# RewriteCond %{HTTP_HOST} ^domain.com$ [NC]
# RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]
# Add a trailing slash to paths without an extension
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule ^(.*)$ $1/ [L,R=301]
# Enable SEO Friendly URLs in EE or CodeIgniter
RewriteCond %{QUERY_STRING} !^(ACT=.*)$ [NC]
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5})$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} ^/(ee|template|groups|here|site|P[0-9]{2,8}) [NC]
RewriteRule ^(.*)$ /index.php/$1 [L]
# -Indexes will have Apache block users from browsing folders without a default document
Options -Indexes
# custom 404 page
ErrorDocument 404 /misc/404/
# use utf-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8
# force utf-8 for a number of file formats
AddCharset utf-8 .html .css .js .xml .json .rss
# Slip PHP some crack...
php_value upload_max_filesize 100M
php_value post_max_size 200M
php_value memory_limit 256M
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.