
@adamrosloniec
Last active February 18, 2017 12:11
htaccess - wordpress right way
# Front-controller rewrite for WordPress permalinks: a request that does not
# map to an existing file (!-f) or directory (!-d) is handed to /index.php.
# Rules are evaluated in file order and [L] ends the current pass, so rewrite
# rules placed further down this file are only reached by requests that fall
# through this block (existing files and directories).
# WordPress rewrites the section between the BEGIN/END markers when permalink
# settings are saved, so custom rules belong outside the markers.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Block wp-includes folder and files
# Answers 403 ([F]) to direct requests for PHP files that are only meant to be
# included by WordPress itself: everything under wp-admin/includes/, PHP files
# directly inside wp-includes/, the TinyMCE language files and theme-compat/.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
# Any path outside wp-includes/ skips the next three rules. S=3 must stay equal
# to the number of wp-includes rules that follow; adding or removing one
# without updating the count shifts which rules are skipped.
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
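# Prevent directory listings
# Only Indexes is switched off; every other option keeps the value inherited
# from the server configuration. "Options All -Indexes" mixed a bare keyword
# with a +/- prefixed one, which Apache 2.4 rejects as a syntax error, and
# "All" would also have turned on ExecCGI and Includes for the whole site.
Options -Indexes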
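# Deny direct HTTP access to sensitive files.
#
# <Files>/<FilesMatch> test the base name of the requested file only, so these
# rules do not protect the contents of directories such as .git/ or .svn/;
# those need a path-based rule.
#
# Apache 2.4 authorises with mod_authz_core ("Require"). Order/Deny is the 2.2
# syntax and on 2.4 only works while mod_access_compat is loaded, so each group
# carries both forms and the file loads on either version.

# Group 1: exact file names.
# Denying xmlrpc.php and wp-comments-post.php also switches off XML-RPC clients
# and visitor comments for the site.
<FilesMatch "^(install\.php|timthumb\.php|wp-config\.php|xmlrpc\.php|wp-comments-post\.php|readme\.html|license\.txt|php\.ini|errorlog|error_log|error\.log)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Group 2: every dotfile (.htaccess, .htpasswd, .DS_Store, .gitignore, ...).
<FilesMatch "^\.">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Group 3: names that contain one of these dotted suffixes anywhere.
# The pattern is deliberately left unanchored at the end, as in the original
# rules: it therefore also covers rotated or backup copies (for example
# debug.log.1 or php.ini.bak), at the cost of denying any file whose name
# merely contains ".log", ".ini" or ".git" (for example site.logo.png).
<FilesMatch "\.(log|ini|git|svn|DS_Store|error_log|errorlog)">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Group 4: names ending in error_log, wp-config.php or php.ini, and any name
# containing ".hta" / ".htp" in either case (.htaccess, .htpasswd and copies).
# "Satisfy all" keeps the 2.2 host-based denial in force even where a parent
# configuration sets "Satisfy any".
<FilesMatch "^.*(error_log|wp-config\.php|php.ini|\.[hH][tT][aApP].*)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy all
    </IfModule>
</FilesMatch>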
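# Redirect to NON WWW
# mod_rewrite in .htaccess needs FollowSymLinks or SymLinksIfOwnerMatch.
# NOTE(review): on shared hosting SymLinksIfOwnerMatch is the narrower choice,
# since it refuses symlinks that point at files owned by another account.
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine On
# Dots are escaped so they match a literal "." and not any character.
RewriteCond %{HTTP_HOST} ^www\.domainname\.com$ [NC]
# NOTE(review): the target is plain http://. If the site is served over TLS,
# point this at https:// so the canonical redirect never sends visitors
# through an unencrypted hop.
# NOTE(review): this rule sits below the WordPress catch-all, whose
# "RewriteRule . /index.php [L]" appears to handle permalink requests before
# they get here; placing the redirect above "# BEGIN WordPress" would apply it
# to every request.
RewriteRule ^(.*)$ http://domainname.com/$1 [R=301,L]
</IfModule>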
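# Don't display errors to user and don't save to file
#
# php_flag is only understood when PHP runs as an Apache module; under
# CGI/FastCGI/FPM a bare php_flag line makes every request fail with a 500.
# The guards below cover the module names used by PHP 5, PHP 7 and PHP 8.
# Where none of them is loaded these settings are skipped silently and must be
# set in php.ini or .user.ini instead, otherwise errors may still be displayed.
#
# NOTE(review): log_errors off discards PHP errors entirely, which also removes
# the record needed to diagnose faults or investigate an incident. Keeping
# display_errors off while logging to a file outside the web root gives the
# same protection against information disclosure without losing that record.
<IfModule mod_php5.c>
    php_flag display_startup_errors off
    php_flag display_errors off
    php_flag html_errors off
    php_flag log_errors off
</IfModule>
<IfModule mod_php7.c>
    php_flag display_startup_errors off
    php_flag display_errors off
    php_flag html_errors off
    php_flag log_errors off
</IfModule>
<IfModule mod_php.c>
    php_flag display_startup_errors off
    php_flag display_errors off
    php_flag html_errors off
    php_flag log_errors off
</IfModule>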
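# Cache all files
# A relative lifetime (one year, in seconds) replaces the fixed Expires date:
# a hard-coded date marks every response as already stale once it has passed.
# The mod_headers guard keeps the site up where that module is not loaded.
# NOTE(review): the pattern includes pdf; confirm that no access-controlled
# documents are served through it before caching them for a year.
<IfModule mod_headers.c>
    <FilesMatch "\.(ico|svg|pdf|flv|jpg|jpeg|png|gif|js|css|swf)(\.gz)?$">
        Header set Cache-Control "max-age=31536000"
    </FilesMatch>
</IfModule>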
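# SVG Fix - https://css-tricks.com/snippets/htaccess/serve-svg-correct-content-type/
# .svgz files are gzip-compressed SVG, so they also need a Content-Encoding
# header; without it browsers receive compressed bytes labelled as plain SVG.
# NOTE(review): SVG can carry script. If visitors or low-privilege users can
# upload .svg files, serving them as image/svg+xml from the site's own origin
# lets that script run in the site's context; sanitise uploads or serve them
# with Content-Disposition: attachment.
AddType image/svg+xml .svg .svgz
AddEncoding gzip .svgz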
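# Block Feed and Comments - Redirect to homepage from /feed/ and /comments/feed/
#
# Redirect matches a URL prefix and appends whatever follows the prefix to the
# target, so "Redirect 301 /feed/ /" sent /feed/atom/ to /atom/ rather than to
# the homepage, and the "/feed/*" and "/comments/*" lines only matched a
# literal asterisk. RedirectMatch sends everything under each prefix to "/".
# NOTE(review): feeds requested through a query string or below a post URL are
# not covered by these two prefixes - confirm whether they need blocking too.
RedirectMatch 301 ^/feed/ /
RedirectMatch 301 ^/comments/ /
# NOTE(review): elsewhere in this file xmlrpc.php and wp-config.php are denied
# with <Files> rules. Access control is evaluated before per-directory
# redirects, so these two lines are presumably never reached and the client
# gets 403; they are kept as a fallback in case the deny rules are removed.
Redirect 301 /xmlrpc.php /
Redirect 301 /wp-config.php /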
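# Block/Redirect from .git and .gitignore
# Answers 403 to any path that has a .git/ directory segment, at any depth.
# <Files> rules cannot do this because they only see the file's base name
# (HEAD, config, ...), not the directory it lives in.
# The guard and RewriteEngine line make the rule work on its own instead of
# relying on an earlier section having switched the engine on.
# NOTE(review): this is a second line of defence; the repository metadata is
# better kept out of the deployed document root altogether.
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule "^(.*/)?\.git/" - [F,L]
</IfModule>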
# Cache all text
# Stylesheets and scripts get a freshness lifetime of one year, counted from
# the moment the client fetched them ("access"). Applies only when mod_expires
# is loaded.
<IfModule mod_expires.c>
    ExpiresActive On

    ExpiresByType text/css                "access plus 1 year"
    ExpiresByType application/javascript  "access plus 1 year"
</IfModule>
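# Enable GZIP compression
<IfModule mod_filter.c>
    # One directive lists every compressible media type. The quoted list used
    # to follow the AddType lines with no directive in front of it, so Apache
    # read the first media type as a command name and rejected the file. The
    # nine single-type DEFLATE lines were all repeated in the list and are
    # folded into it.
    # NOTE(review): text/html is compressed as well. On HTTPS pages that echo
    # request data next to a secret such as a CSRF token, response compression
    # is the condition the BREACH side channel relies on - confirm such pages
    # mask their tokens or are excluded from compression.
    AddOutputFilterByType DEFLATE \
        "application/javascript" \
        "application/json" \
        "application/ld+json" \
        "application/manifest+json" \
        "application/rdf+xml" \
        "application/rss+xml" \
        "application/schema+json" \
        "application/vnd.geo+json" \
        "application/vnd.ms-fontobject" \
        "application/x-font-ttf" \
        "application/x-javascript" \
        "application/x-web-app-manifest+json" \
        "application/xhtml+xml" \
        "application/xml" \
        "font/eot" \
        "font/opentype" \
        "image/bmp" \
        "image/svg+xml" \
        "image/vnd.microsoft.icon" \
        "image/x-icon" \
        "text/cache-manifest" \
        "text/css" \
        "text/html" \
        "text/javascript" \
        "text/plain" \
        "text/vcard" \
        "text/vnd.rim.location.xloc" \
        "text/vtt" \
        "text/x-component" \
        "text/x-cross-domain-policy" \
        "text/xml"

    # Media types for font and icon files, by extension.
    AddType x-font/otf .otf
    AddType x-font/ttf .ttf
    AddType x-font/eot .eot
    AddType x-font/woff .woff
    AddType image/x-icon .ico
    AddType image/png .png
</IfModule>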