Last active
February 18, 2017 12:11
-
-
Save adamrosloniec/07127030971583c99a6b to your computer and use it in GitHub Desktop.
htaccess - wordpress right way
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# BEGIN WordPress | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase / | |
RewriteRule ^index\.php$ - [L] | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteRule . /index.php [L] | |
</IfModule> | |
# END WordPress | |
# Block wp-includes folder and files | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase / | |
RewriteRule ^wp-admin/includes/ - [F,L] | |
RewriteRule !^wp-includes/ - [S=3] | |
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] | |
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] | |
RewriteRule ^wp-includes/theme-compat/ - [F,L] | |
</IfModule> | |
# Prevent directory listings | |
Options All -Indexes | |
<files .htaccess> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files .htpasswd> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files install.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files timthumb.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files wp-config.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files php.ini> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files error.log> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.error_log"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.errorlog"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files errorlog> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files error_log> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files error.log> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.log"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.ini"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files .DS_Store> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.DS_Store"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.svn"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.git"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.gitignore"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^\..*"> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files ~ "^.*\.([Hh][Tt][Aa])"> | |
Order allow,deny | |
Deny from all | |
Satisfy all | |
</files> | |
<files xmlrpc.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files readme.html> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files license.txt> | |
Order allow,deny | |
Deny from all | |
</files> | |
<files wp-comments-post.php> | |
Order allow,deny | |
Deny from all | |
</files> | |
<FilesMatch "^.*(error_log|wp-config\.php|php.ini|\.[hH][tT][aApP].*)$"> | |
Order allow,deny | |
Deny from all | |
</FilesMatch> | |
# Redirect to NON WWW | |
Options +FollowSymLinks | |
RewriteEngine on | |
RewriteCond %{HTTP_HOST} ^www.domainname.com$ [NC] | |
RewriteRule ^(.*)$ http://domainname.com/$1 [R=301,L] | |
# Don't display errors to user and don't save to file | |
php_flag display_startup_errors off | |
php_flag display_errors off | |
php_flag html_errors off | |
php_flag log_errors off | |
# Cache all files | |
<FilesMatch "\.(ico|svg|pdf|flv|jpg|jpeg|png|gif|js|css|swf)(\.gz)?$"> | |
Header set Expires "Wed, 31 Dec 2025 23:59:59 GMT" | |
</FilesMatch> | |
# SVG Fix - https://css-tricks.com/snippets/htaccess/serve-svg-correct-content-type/ | |
AddType image/svg+xml .svg .svgz | |
# Block Feed and Comments - Redirect to homepage from /feed/ and /comments/feed/ | |
Redirect 301 /feed/ / | |
Redirect 301 /feed/* / | |
Redirect 301 /comments/* / | |
Redirect 301 /comments/ / | |
Redirect 301 /xmlrpc.php / | |
Redirect 301 /wp-config.php / | |
# Block/Redirect from .git and .gitignore | |
RewriteRule "^(.*/)?\.git/" - [F,L] | |
# Cache all text | |
<IfModule mod_expires.c> | |
ExpiresActive on | |
ExpiresByType text/css "access plus 1 year" | |
ExpiresByType application/javascript "access plus 1 year" | |
</IfModule> | |
# Enable GZIP compression | |
<IfModule mod_filter.c> | |
AddOutputFilterByType DEFLATE text/plain | |
AddOutputFilterByType DEFLATE text/html | |
AddOutputFilterByType DEFLATE text/xml | |
AddOutputFilterByType DEFLATE text/css | |
AddOutputFilterByType DEFLATE application/xml | |
AddOutputFilterByType DEFLATE application/xhtml+xml | |
AddOutputFilterByType DEFLATE application/rss+xml | |
AddOutputFilterByType DEFLATE application/javascript | |
AddOutputFilterByType DEFLATE application/x-javascript | |
AddType x-font/otf .otf | |
AddType x-font/ttf .ttf | |
AddType x-font/eot .eot | |
AddType x-font/woff .woff | |
AddType image/x-icon .ico | |
AddType image/png .png | |
"application/javascript" \ | |
"application/json" \ | |
"application/ld+json" \ | |
"application/manifest+json" \ | |
"application/rdf+xml" \ | |
"application/rss+xml" \ | |
"application/schema+json" \ | |
"application/vnd.geo+json" \ | |
"application/vnd.ms-fontobject" \ | |
"application/x-font-ttf" \ | |
"application/x-javascript" \ | |
"application/x-web-app-manifest+json" \ | |
"application/xhtml+xml" \ | |
"application/xml" \ | |
"font/eot" \ | |
"font/opentype" \ | |
"image/bmp" \ | |
"image/svg+xml" \ | |
"image/vnd.microsoft.icon" \ | |
"image/x-icon" \ | |
"text/cache-manifest" \ | |
"text/css" \ | |
"text/html" \ | |
"text/javascript" \ | |
"text/plain" \ | |
"text/vcard" \ | |
"text/vnd.rim.location.xloc" \ | |
"text/vtt" \ | |
"text/x-component" \ | |
"text/x-cross-domain-policy" \ | |
"text/xml" | |
</IfModule> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment