Created
June 20, 2018 15:34
-
-
Save IamLizu/ca6b978e36fbdeb02f75894c03f0f3aa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Allow access if Flarum is installed in a subdirectory, | |
# but another .htaccess in a higher directory denies access. | |
<IfModule mod_authz_core.c> | |
Require all granted | |
</IfModule> | |
<IfModule !mod_authz_core.c> | |
Order Allow,Deny | |
Allow from all | |
</IfModule> | |
# Fix for https://httpoxy.org vulnerability | |
<IfModule mod_headers.c> | |
RequestHeader unset Proxy | |
</IfModule> | |
<IfModule mod_security.c> | |
SecRule &REQUEST_HEADERS:Proxy "@gt 0" "id:1000005,log,deny,msg:'httpoxy denied'" | |
</IfModule> | |
<IfModule mod_rewrite.c> | |
RewriteEngine on | |
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteRule !^assets index.php [QSA,L] | |
# MultiViews can mess up our rewriting scheme | |
Options -MultiViews | |
# Autoindex will list all assets files which is not so good | |
Options -Indexes | |
</IfModule> | |
<IfModule mod_deflate.c> | |
# Compress all output labeled with one of the following MIME-types | |
<IfModule mod_filter.c> | |
AddOutputFilterByType DEFLATE application/atom+xml \ | |
application/javascript \ | |
application/json \ | |
application/vnd.ms-fontobject \ | |
application/x-font-ttf \ | |
application/x-web-app-manifest+json \ | |
application/xhtml+xml \ | |
application/xml \ | |
font/opentype \ | |
image/svg+xml \ | |
image/x-icon \ | |
text/css \ | |
text/html \ | |
text/plain \ | |
text/xml | |
</IfModule> | |
</IfModule> | |
# Configure cache expiry for different file types | |
<IfModule mod_expires.c> | |
ExpiresActive on | |
ExpiresDefault "access plus 1 second" | |
ExpiresByType text/css "access plus 1 year" | |
ExpiresByType application/json "access plus 0 seconds" | |
ExpiresByType application/xml "access plus 0 seconds" | |
ExpiresByType text/xml "access plus 0 seconds" | |
ExpiresByType image/x-icon "access plus 1 week" | |
ExpiresByType text/html "access plus 0 seconds" | |
ExpiresByType application/javascript "access plus 1 year" | |
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" | |
ExpiresByType text/cache-manifest "access plus 0 seconds" | |
ExpiresByType image/gif "access plus 1 month" | |
ExpiresByType image/jpeg "access plus 1 month" | |
ExpiresByType image/png "access plus 1 month" | |
ExpiresByType application/atom+xml "access plus 1 hour" | |
ExpiresByType application/rss+xml "access plus 1 hour" | |
ExpiresByType application/font-woff2 "access plus 1 month" | |
ExpiresByType application/font-woff "access plus 1 month" | |
ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | |
ExpiresByType application/x-font-ttf "access plus 1 month" | |
ExpiresByType font/opentype "access plus 1 month" | |
ExpiresByType image/svg+xml "access plus 1 month" | |
</IfModule> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment