Created
June 19, 2015 03:07
.htaccess for Joomla 3.x on OpenShift.
##
# @package    Joomla
# @copyright  Copyright (C) 2005 - 2014 Open Source Matters. All rights reserved.
# @license    GNU General Public License version 2 or later; see LICENSE.txt
##
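########## Begin - RewriteEngine enabled
# mod_rewrite has to be switched on before any RewriteCond/RewriteRule below takes effect.
# (The trailing "| |" table residue from the page rendering is removed; with it,
# the directive would carry extra arguments.)
RewriteEngine On
########## End - RewriteEngine enabled

########## Begin - RewriteBase
# Uncomment the following line if your web server's URL
# is not directly related to physical file paths.
# Update your Joomla! directory (just / for root).
#RewriteBase /
########## End - RewriteBase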
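# Browser-cache lifetimes, applied only when mod_expires is loaded.
# NOTE(review): text/html gets a 600-second lifetime. Per the mod_expires
# documentation the module leaves responses alone that already carry an Expires
# header; confirm that logged-in and administrator pages send their own
# no-cache headers so they are not kept by browser or intermediary caches.
<IfModule mod_expires.c>
    # ETag built from modification time and size only (no inode component).
    FileETag MTime Size
    ExpiresActive On
    ExpiresDefault "access plus 1 seconds"
    ExpiresByType text/html "access plus 600 seconds"
    ExpiresByType text/css "access plus 604800 seconds"
    ExpiresByType text/javascript "access plus 216000 seconds"
    ExpiresByType application/xhtml+xml "access plus 600 seconds"
    ExpiresByType application/javascript "access plus 216000 seconds"
    ExpiresByType application/x-javascript "access plus 216000 seconds"
    ExpiresByType image/x-icon "access plus 2592000 seconds"
    ExpiresByType image/jpeg "access plus 2592000 seconds"
    ExpiresByType image/png "access plus 2592000 seconds"
    ExpiresByType image/gif "access plus 2592000 seconds"
</IfModule>

# The DEFLATE filter belongs to mod_deflate, not mod_expires, so it gets its own
# guard: a server without mod_deflate then skips compression instead of failing.
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
</IfModule>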
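## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site, block out (comment out) the operations listed below.
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Scope: every condition tests %{QUERY_STRING} only. Request bodies, cookies and
# headers are not inspected, so this is a coarse first filter and not a
# replacement for keeping Joomla! and its extensions patched.
# The conditions form a single OR chain; the last one carries no [OR] and ends it.
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Matching requests are answered with 403 Forbidden ([F]).
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.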
## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects
##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##
# RewriteBase /
########## End - RewriteBase
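########## Begin - File execution order, by Komra.de
# For a directory request, index.php is tried first and index.html second.
DirectoryIndex index.php index.html
########## End - File execution order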
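########## Begin - ETag optimization
## This rule builds the ETag for files from their modification timestamp and
## size only. That works well on rsync'ed servers, where the inode number of
## identical files differs between machines.
## Leaving the inode out also keeps filesystem inode numbers out of response headers.
## Note: it may cause problems on your server and you may need to remove it.
FileETag MTime Size
########## End - ETag optimization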
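########## Begin - Automatic compression of resources
# Compresses text, html, javascript, css and xml; kudos to Komra.de.
# May break access to your site for old versions of Internet Explorer.
# The server needs mod_deflate, otherwise this directive produces an HTTP 500
# error; the <IfModule> guard below skips compression in that case instead.
# mod_deflate is not available in the Apache 1.x series, only in Apache 2.x.
# AddOutputFilterByType has been superseded in Apache; in Apache 2.4 it is
# provided by mod_filter, which must then be loaded as well.
# NOTE(review): compressing text/html that both carries secrets (for example
# form tokens) and reflects request input is exposed to compression side
# channels over HTTPS (BREACH); confirm this is acceptable for such pages.
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
</IfModule>
########## End - Automatic compression of resources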
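########## JOOMLA DEFAULT SETTINGS ##########
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site, block out (comment out) the operations listed below.
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Scope: like the similar rule set earlier in this file, every condition tests
# %{QUERY_STRING} only, so POST bodies, cookies and headers pass unchecked.
# Keep it as defence in depth alongside patching, not instead of it.
#
# If the request query string contains /proc/self/environ (by SigSiu.net)
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Legacy variable injection (these attacks wouldn't work w/out Joomla! 1.5's Legacy Mode plugin)
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode/base64_decode data to send via URL
RewriteCond %{QUERY_STRING} base64_(en|de)code\(.*\) [OR]
## IMPORTANT: If the above line throws an HTTP 500 error, replace it with these 2 lines:
# RewriteCond %{QUERY_STRING} base64_encode\(.*\) [OR]
# RewriteCond %{QUERY_STRING} base64_decode\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Matching requests are answered with 403 Forbidden ([F]).
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits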
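############################################################
########## Begin - File injection protection, by SigSiu.net
# Rejects GET requests in which a parameter value starts with a remote URL or
# with a relative/absolute path sequence. The first condition is ANDed with the
# OR chain that follows it.
# The scheme test is case-insensitive and covers https:// and ftp:// as well as
# http://, so a remote value is not let through merely because it is written
# with another scheme or in upper case.
# NOTE(review): only GET requests and only literal (not percent-encoded) values
# are examined; the application must still validate any include or redirect
# target itself.
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(https?|ftp):// [NC,OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection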
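## Allow Agora attachments, but not PHP files, in the members image directory.
# Refuse script files here outright. Without this rule an existing .php file
# only misses the pass-through rule below; the SEF section then leaves it alone
# because it is a physical file, and it is served by whatever handler the server
# maps to that extension.
# NOTE(review): the extension list is a reasonable default; align it with the
# extensions this server actually hands to PHP.
RewriteRule ^components/com_agora/img/members/.*\.(php[0-9]?|phtml|phar)$ - [F,NC]
# Any other existing file in the directory is served as-is and rewriting stops.
RewriteCond %{REQUEST_FILENAME} !(\.php)$
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^components/com_agora/img/members/ - [L]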
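## Begin - Joomla! core SEF Section.
#
# Copy the request's Authorization header into the HTTP_AUTHORIZATION
# environment variable (presumably so PHP can read it on setups where the
# server does not pass the header through, such as CGI/FastCGI).
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.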