Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
The ultimate .htaccess file. Please feel free to fork it, edit it and let me know what do you think about it.
# Apache configuration file
# httpd.apache.org/docs/2.2/mod/quickreference.html
# Note .htaccess files are an overhead, this logic should be in your Apache
# config if possible: httpd.apache.org/docs/2.2/howto/htaccess.html
# Techniques in here adapted from all over, including:
# Kroc Camen: camendesign.com/.htaccess
# perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
# Sample .htaccess file of CMS MODx: modxcms.com
# This is the free sample of .htaccess from 6GO s.r.l.
# @author Claudio Ludovico Panetta (@Ludo237)
# @version 2.0.1
#
#
# ----------------------------------------------------------------------
# Default Lang and Basic Security Behavior
# ----------------------------------------------------------------------
# X-Powered-By hidden by default nobody will notice if you're using PHP or ASP or whatever
Header unset X-Powered-By
# Set by default UTF-8 charset
AddDefaultCharset UTF-8
# ITALIAN language for this files, change it for your needs
AddLanguage it-IT .html .htm .css .js
# Set the default charset for every feed methods
AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
# ITALIAN timezone, change it for your needs
SetEnv TZ Europe/Rome
# Don not allow any pages to be framed - Defends against CSRF
Header set X-Frame-Options SAMEORIGIN
# Turn on IE8-IE9 XSS prevention tools
Header set X-XSS-Protection "1; mode=block"
# Only allow JavaScript from the same domain to be run.
# Don not allow inline JavaScript to run.
Header set X-Content-Security-Policy "allow 'self';"
# Prevent mime based attacks
Header set X-Content-Type-Options "nosniff"
# Disable server sign
ServerSignature Off
# drop Range header when more than 5 ranges. CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
# LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK. Bytes, 0-2147483647(2GB)
LimitRequestBody 2147483647
#
#
# ----------------------------------------------------------------------
# Use the latest PHP avaiable, comment this if you are not using PHP
# ----------------------------------------------------------------------
AddType application/x-httpd-php55 .php
AddHandler application/x-httpd-php55 .php
suPHP_ConfigPath /opt/php55/lib
<IfModule php5_module>
php_value session.cookie_httponly true
</IfModule>
<IfModule mod_suphp.c>
<Files php.ini>
order allow,deny
deny from all
</Files>
</IfModule>
#
#
# ----------------------------------------------------------------------
# Better website experience for IE users. We care of them LOL
# ----------------------------------------------------------------------
# Force the latest IE version, in various cases when it may fall back to IE7 mode
# futher details: github.com/rails/rails/commit/123eb25#commitcomment-118920
# Use ChromeFrame if it's installed for a better experience for the poor IE folks
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=Edge,chrome=1"
# mod_headers cannnot match by content-type, but we don't want to send this header on *everything*...
<FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
Header unset X-UA-Compatible
</FilesMatch>
# Header set P3P "policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS""
# OR THIS, SIMPLER
# Header set P3P "policyref="/w3c/p3p.xml""
</IfModule>
#
#
# ----------------------------------------------------------------------
# Cross-domain AJAX requests, ENABLE CSRF first (see above)
# ----------------------------------------------------------------------
# Serve cross-domain Ajax requests, disabled by default. Enable-cors.org
# code.google.com/p/html5security/wiki/CrossOriginRequestSecurity
# <IfModule mod_headers.c>
# Header set Access-Control-Allow-Origin "*"
# </IfModule>
#
#
# ----------------------------------------------------------------------
# CORS-enabled images (@crossorigin)
# ----------------------------------------------------------------------
# Send CORS headers if browsers request them; enabled by default for images.
# futher details:
# - developer.mozilla.org/en/CORS_Enabled_Image
# - blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
# - hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
# - wiki.mozilla.org/Security/Reviews/crossoriginAttribute
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
# mod_headers, y u no match by Content-Type?!
<FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
</IfModule>
#
#
# ----------------------------------------------------------------------
# Webfont access
# ----------------------------------------------------------------------
# Allow access from all domains for webfonts.Alternatively you could only whitelist your
# subdomains like "subdomain.example.com".
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
#
#
# ----------------------------------------------------------------------
# Proper MIME type for all files
# ----------------------------------------------------------------------
# JavaScript
# Normalize to standard type (it is sniffed in IE anyways)
# futher details: tools.ietf.org/html/rfc4329#section-7.2
AddType application/javascript js jsonp
AddType application/json json
#
# Audio
#
AddType audio/ogg oga ogg
AddType audio/mp4 m4a f4a f4b
#
# Video
#
AddType video/ogg ogv
AddType video/mp4 mp4 m4v f4v f4p
AddType video/webm webm
AddType video/x-flv flv
#
# SVG
# Required for svg webfonts on iPad
# futher details: twitter.com/FontSquirrel/status/14855840545
#
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
#
# Webfonts
#
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff
#
# Assorted types
#
AddType image/x-icon ico
AddType image/webp webp
AddType text/cache-manifest appcache manifest
AddType text/x-component htc
AddType application/xml rss atom xml rdf
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-xpinstall xpi
AddType application/octet-stream safariextz
AddType application/x-web-app-manifest+json webapp
AddType text/x-vcard vcf
AddType application/x-shockwave-flash swf
AddType text/vtt vtt
#
#
# ----------------------------------------------------------------------
# Allow concatenation from within specific js and css files
# ----------------------------------------------------------------------
# e.g. Inside of script.combined.js you could have
# <!--#include file="libs/jquery-1.5.0.min.js" -->
# <!--#include file="plugins/jquery.idletimer.js" -->
# and they would be included into this single file.
# This is not in use in the boilerplate as it stands. You may
# choose to use this technique if you do not have a build process.
#<FilesMatch "\.combined\.js$">
# Options +Includes
# AddOutputFilterByType INCLUDES application/javascript application/json
# SetOutputFilter INCLUDES
#</FilesMatch>
#<FilesMatch "\.combined\.css$">
# Options +Includes
# AddOutputFilterByType INCLUDES text/css
# SetOutputFilter INCLUDES
#</FilesMatch>
#
#
# ----------------------------------------------------------------------
# Gzip compression
# ----------------------------------------------------------------------
<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
<IfModule mod_deflate.c>
# Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
# Compress all output labeled with one of the following MIME-types
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>
#
#
# ----------------------------------------------------------------------
# Expires headers (for better cache control)
# ----------------------------------------------------------------------
# These are pretty far-future expires headers.
# They assume you control versioning with filename-based cache busting
# Additionally, consider that outdated proxies may miscache
# futher details: www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
# If you don nott use filenames to version, lower the CSS and JS to something like "access plus 1 week".
# 1 YEAR - does not change often
<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
ExpiresDefault A29030400
</FilesMatch>
<IfModule mod_expires.c>
ExpiresActive on
#
# Perhaps better to whitelist expires rules? Perhaps.
#
ExpiresDefault "access plus 1 month"
#
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
#
ExpiresByType text/cache-manifest "access plus 0 seconds"
#
# Your document html
#
ExpiresByType text/html "access plus 0 seconds"
#
# Data
#
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
#
# Feed
#
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
#
# Favicon (cannot be renamed)
#
ExpiresByType image/x-icon "access plus 1 month"
#
# Media: images, video, audio
#
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
#
# HTC files (css3pie)
#
ExpiresByType text/x-component "access plus 1 month"
#
# Webfonts
#
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
#
# CSS and JavaScript
#
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
</IfModule>
#
#
# ----------------------------------------------------------------------
# Prevent mobile network providers from modifying your site
# ----------------------------------------------------------------------
# The following header prevents modification of your code over 3G on some
# European providers.
# This is the official 'bypass' suggested by O2 in the UK.
<IfModule mod_headers.c>
Header set Cache-Control "no-transform"
</IfModule>
#
#
# ----------------------------------------------------------------------
# ETag removal
# ----------------------------------------------------------------------
# FileETag None is not enough for every server.
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
# Since we are sending far-future expires, we don not need ETags for
# static content.
# futher details: developer.yahoo.com/performance/rules.html#etags
FileETag None
#
#
# ----------------------------------------------------------------------
# Stop screen flicker in IE on CSS rollovers
# ----------------------------------------------------------------------
# The following directives stop screen flicker in IE on CSS rollovers - in
# combination with the "ExpiresByType" rules for images (see above).
BrowserMatch "MSIE" brokenvary=1
BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
BrowserMatch "Opera" !brokenvary
SetEnvIf brokenvary 1 force-no-vary
#
#
# ----------------------------------------------------------------------
# Set Keep-Alive Header
# ----------------------------------------------------------------------
# Keep-Alive allows the server to send multiple requests through one
# TCP-connection. Be aware of possible disadvantages of this setting. Turn on
# if you serve a lot of static content.
<IfModule mod_headers.c>
Header set Connection Keep-Alive
</IfModule>
#
#
# ----------------------------------------------------------------------
# Cookie setting from iframes
# ----------------------------------------------------------------------
# Allow cookies to be set from iframes (for IE only)
# If needed, specify a path or regex in the Location directive.
# <IfModule mod_headers.c>
# Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
# </IfModule>
#
#
# ----------------------------------------------------------------------
# Start rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and
# features. FollowSymLinks must be enabled for this to work.
# Some cloud hosting services require RewriteBase to be set: goo.gl/HOcPN
# If using the h5bp in a subdirectory, use `RewriteBase /foo` instead where
# 'foo' is your directory.
# If your web host does not allow the FollowSymlinks option, you may need to
# comment it out and use `Options +SymLinksIfOwnerMatch`, but be aware of the
# performance impact: http://goo.gl/Mluzd
<IfModule mod_rewrite.c>
RewriteEngine On
Options +FollowSymlinks
RewriteBase /
#
## Force public directory for the rood of websites ##
# Change ludo237.github to be your primary domain.
#
RewriteCond %{HTTP_HOST} ^(www.)?ludo237.github$
#
# Change 'subfolder' to be the folder you will use for your primary domain.
#
RewriteCond %{REQUEST_URI} !^/repositories/
#
# Do not change this line.
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#
# Change 'subfolder' to be the folder you will use for your primary domain.
#
RewriteRule ^(.*)$ /repositories/$1
# Change ludo237.github to be your primary domain again.
# Change 'subfolder' to be the folder you will use for your primary domain
# followed by / then the main file for your site, index.php, index.html, etc.
RewriteCond %{HTTP_HOST} ^(www.)?ludo237.github$
RewriteRule ^(.*)$ http://ludo237.github/$1 [R,L]
#
## Remove Extensions ##
# change the .php extension with whatever you need
#
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
#
## Remove Bad Bots from crawling ##
# IF THE UA STARTS WITH THESE
# Block spambots
#
RewriteCond %{HTTP_USER_AGENT} ^(aesop_com_spiderman|alexibot|backweb|bandit|batchftp|bigfoot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(black.?hole|blackwidow|blowfish|botalot|buddy|builtbottough|bullseye) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(cheesebot|cherrypicker|chinaclaw|collector|copier|copyrightcheck) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(cosmos|crescent|curl|custo|da|diibot|disco|dittospyder|dragonfly) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(drip|easydl|ebingbong|ecatch|eirgrabber|emailcollector|emailsiphon) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(emailwolf|erocrawler|exabot|eyenetie|filehound|flashget|flunky) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(frontpage|getright|getweb|go.?zilla|go-ahead-got-it|gotit|grabnet) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(grafula|harvest|hloader|hmview|httplib|httrack|humanlinks|ilsebot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(infonavirobot|infotekies|intelliseek|interget|iria|jennybot|jetcar) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(joc|justview|jyxobot|kenjin|keyword|larbin|leechftp|lexibot|lftp|libweb) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(likse|linkscan|linkwalker|lnspiderguy|lwp|magnet|mag-net|markwatch) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(mata.?hari|memo|microsoft.?url|midown.?tool|miixpc|mirror|missigua) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(mister.?pix|moget|mozilla.?newt|nameprotect|navroad|backdoorbot|nearsite) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(net.?vampire|netants|netcraft|netmechanic|netspider|nextgensearchbot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(attach|nicerspro|nimblecrawler|npbot|octopus|offline.?explorer) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(offline.?navigator|openfind|outfoxbot|pagegrabber|papa|pavuk) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(pcbrowser|php.?version.?tracker|pockey|propowerbot|prowebwalker) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(psbot|pump|queryn|recorder|realdownload|reaper|reget|true_robot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(repomonkey|rma|internetseer|sitesnagger|siphon|slysearch|smartdownload) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(snake|snapbot|snoopy|sogou|spacebison|spankbot|spanner|sqworm|superbot) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(superhttp|surfbot|asterias|suzuran|szukacz|takeout|teleport) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(telesoft|the.?intraformant|thenomad|tighttwatbot|titan|urldispatcher) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(turingos|turnitinbot|urly.?warning|vacuum|vci|voideye|whacker) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(libwww-perl|widow|wisenutbot|wwwoffle|xaldon|xenu|zeus|zyborg|anonymouse) [NC,OR]
#
## STARTS WITH WEB
#
RewriteCond %{HTTP_USER_AGENT} ^web(zip|emaile|enhancer|fetch|go.?is|auto|bandit|clip|copier|master|reaper|sauger|site.?quester|whack) [NC,OR]
#
## ANYWHERE IN UA -- GREEDY REGEX
#
RewriteCond %{HTTP_USER_AGENT} ^.*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures).*$ [NC]
#
## ISSUE 403 / SERVE ERRORDOCUMENT
#
RewriteRule . - [F,L]
#
## Useragents starting with
#
RewriteCond %{HTTP_USER_AGENT} ^atraxbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Azureus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^geohasher [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^PycURL [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Python-urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^research-scan-bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Sosospider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^xenu [NC,OR]
#
## User agents contains string
#
RewriteCond %{HTTP_USER_AGENT} ^.*casper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*goblox [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*sun4u [NC]
RewriteRule ^(.*)$ - [F]
#
## Disable blank UA
## Blank UA and Referer
#
RewriteCond %{HTTP_REFERER} ^$ [NC]
RewriteCond %{HTTP_USER_AGENT} ^$ [NC]
RewriteRule .* - [F,L]
#
## Prevent use of specified methods in HTTP Request
#
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
#
## Block out use of illegal or unsafe characters in the HTTP Request
#
RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR]
#
## Block out use of illegal or unsafe characters in the Referer Variable of the HTTP Request
## RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
## Block out use of illegal or unsafe characters in any cookie associated with the HTTP Request
#
RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
#
## Block out use of illegal characters in URI or use of malformed URI
#
RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* [NC,OR]
#
## Block out use of empty User Agent Strings
## NOTE - disable this rule if your site is integrated with Payment Gateways such as PayPal
## RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
## Block out use of illegal or unsafe characters in the User Agent variable
#
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
#
## Measures to block out SQL injection attacks
#
RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|"|'|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR]
#
## Block out reference to localhost/loopback/127.0.0.1 in the Query String
#
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
#
## Block out use of illegal or unsafe characters in the Query String variable
#
RewriteCond %{QUERY_STRING} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC]
#
########## Begin - File injection protection, by SigSiu.net
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection
#
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http%3A%2F%2F [OR]
#
# proc/self/environ? no way!
#
RewriteCond %{QUERY_STRING} proc\/self\/environ [NC,OR]
#
## PHP-CGI Vulnerability
#
RewriteCond %{QUERY_STRING} ^(%2d|\-)[^=]+$ [NC]
RewriteRule (.*) - [F,L]
</IfModule>
#
#
# ----------------------------------------------------------------------
# Suppress or force the "www." at the beginning of URLs
# ----------------------------------------------------------------------
# The same content should never be available under two different URLs -
# especially not with and without "www." at the beginning, since this can cause
# SEO problems (duplicate content). That is why you should choose one of the
# alternatives and redirect the other one.
# By default option 1 (no "www.") is activated.
# no-www.org/faq.php?q=class_b
# If you would prefer to use option 2, just comment out all option 1 lines
# and uncomment option 2.
# IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
# ----------------------------------------------------------------------
# Option 1:
# Rewrite "www.example.com -> example.com".
#<IfModule mod_rewrite.c>
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
#</IfModule>
# ----------------------------------------------------------------------
# Option 2:
# Rewrite "example.com -> www.example.com".
# Be aware that the following rule might not be a good idea if you use "real"
# subdomains for certain parts of your website.
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
#
#
# ----------------------------------------------------------------------
# Built-in filename-based cache busting
# ----------------------------------------------------------------------
# If you are not using the build script to manage your filename version revving,
# you might want to consider enabling this, which will route requests for
# `/css/style.20110203.css` to `/css/style.css`.
# To understand why this is important and a better idea than all.css?v1231,
# please refer to the bundled documentation about `.htaccess`.
# <IfModule mod_rewrite.c>
# RewriteCond %{REQUEST_FILENAME} !-f
# RewriteCond %{REQUEST_FILENAME} !-d
# RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
# </IfModule>
#
#
# ----------------------------------------------------------------------
# Prevent SSL cert warnings
# ----------------------------------------------------------------------
# Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent
# https://www.example.com when your cert only allows https://secure.example.com
# <IfModule mod_rewrite.c>
# RewriteCond %{SERVER_PORT} !^443
# RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L]
# </IfModule>
#
#
# ----------------------------------------------------------------------
# Prevent 404 errors for non-existing redirected folders
# ----------------------------------------------------------------------
# without -MultiViews, Apache will give a 404 for a rewrite if a folder of the
# same name does not exist.
# webmasterworld.com/apache/3808792.htm
Options -MultiViews
#
#
# ----------------------------------------------------------------------
# Custom Errors page
# ----------------------------------------------------------------------
# You can add custom pages to handle 500 or 403 pretty easily, if you like.
# If you are hosting your site in subdirectory, adjust this accordingly
# e.g. ErrorDocument 404 /subdir/404.html
ErrorDocument 100 /100_CONTINUE
ErrorDocument 101 /101_SWITCHING_PROTOCOLS
ErrorDocument 102 /102_PROCESSING
ErrorDocument 200 /200_OK
ErrorDocument 201 /201_CREATED
ErrorDocument 202 /202_ACCEPTED
ErrorDocument 203 /203_NON_AUTHORITATIVE
ErrorDocument 204 /204_NO_CONTENT
ErrorDocument 205 /205_RESET_CONTENT
ErrorDocument 206 /206_PARTIAL_CONTENT
ErrorDocument 207 /207_MULTI_STATUS
ErrorDocument 300 /300_MULTIPLE_CHOICES
ErrorDocument 301 /301_MOVED_PERMANENTLY
ErrorDocument 302 /302_MOVED_TEMPORARILY
ErrorDocument 303 /303_SEE_OTHER
ErrorDocument 304 /304_NOT_MODIFIED
ErrorDocument 305 /305_USE_PROXY
ErrorDocument 307 /307_TEMPORARY_REDIRECT
ErrorDocument 400 /400_BAD_REQUEST
ErrorDocument 401 /401_UNAUTHORIZED
ErrorDocument 402 /402_PAYMENT_REQUIRED
ErrorDocument 403 /403_FORBIDDEN
ErrorDocument 404 /404_NOT_FOUND
ErrorDocument 405 /405_METHOD_NOT_ALLOWED
ErrorDocument 406 /406_NOT_ACCEPTABLE
ErrorDocument 407 /407_PROXY_AUTHENTICATION_REQUIRED
ErrorDocument 408 /408_REQUEST_TIME_OUT
ErrorDocument 409 /409_CONFLICT
ErrorDocument 410 /410_GONE
ErrorDocument 411 /411_LENGTH_REQUIRED
ErrorDocument 412 /412_PRECONDITION_FAILED
ErrorDocument 413 /413_REQUEST_ENTITY_TOO_LARGE
ErrorDocument 414 /414_REQUEST_URI_TOO_LARGE
ErrorDocument 415 /415_UNSUPPORTED_MEDIA_TYPE
ErrorDocument 416 /416_RANGE_NOT_SATISFIABLE
ErrorDocument 417 /417_EXPECTATION_FAILED
ErrorDocument 422 /422_UNPROCESSABLE_ENTITY
ErrorDocument 423 /423_LOCKED
ErrorDocument 424 /424_FAILED_DEPENDENCY
ErrorDocument 426 /426_UPGRADE_REQUIRED
ErrorDocument 500 /500_INTERNAL_SERVER_ERROR
ErrorDocument 501 /501_NOT_IMPLEMENTED
ErrorDocument 502 /502_BAD_GATEWAY
ErrorDocument 503 /503_SERVICE_UNAVAILABLE
ErrorDocument 504 /504_GATEWAY_TIME_OUT
ErrorDocument 505 /505_VERSION_NOT_SUPPORTED
ErrorDocument 506 /506_VARIANT_ALSO_VARIES
ErrorDocument 507 /507_INSUFFICIENT_STORAGE
ErrorDocument 510 /510_NOT_EXTENDED
#
#
# ----------------------------------------------------------------------
# A little more security
# ----------------------------------------------------------------------
# To avoid displaying the exact version number of Apache being used, add the
# following to httpd.conf (it will not work in .htaccess):
# ServerTokens Prod
IndexIgnore *
# "-Indexes" will have Apache block users from browsing folders without a
# default document Usually you should leave this activated, because you
# should not allow everybody to surf through every folder on your server (which
# includes rather private places like CMS system folders).
<IfModule mod_autoindex.c>
Options -Indexes
Options -ExecCGI
</IfModule>
# Block access to "hidden" directories or files whose names begin with a
# period. This includes directories used by version control systems such as
# Subversion or Git.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# Block access to backup and source files. These files may be left by some
# text/html editors and pose a great security danger, when anyone can access
# them.
<FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
AddHandler cgi-script .pl .py .asp .shtml .sh .cgi
# optional logging.
# CustomLog insert-path-and-name-of-log common env=bad-range
# If your server is not already configured as such, the following directive
# should be uncommented in order to set PHP is register_globals option to OFF.
# This closes a major security hole that is abused by most XSS (cross-site
# scripting) attacks. For more information: http://php.net/register_globals
#
# ---------------------------------------------------------------
# PHP DEDICATED RULES
# DO NOT USE THEM IF YOU DON'T USE PHP
# ---------------------------------------------------------------
# IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS:
#
# Your server does not allow PHP directives to be set via .htaccess. In that
# case you must make this change in your php.ini file instead. If you are
# using a commercial web host, contact the administrators for assistance in
# doing this. Not all servers allow local php.ini files, and they should
# include all PHP configurations (not just this one), or you will effectively
# reset everything to PHP defaults. Consult www.php.net for more detailed
# information about setting PHP directives.
# php_flag register_globals Off
# Rename session cookie to something else, than PHPSESSID
# php_value session.name XGOSID
# Disable magic quotes (This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.)
# php_flag magic_quotes_gpc Off
# Do not show you are using PHP
# Note: Move this line to php.ini since it wont work in .htaccess
# php_flag expose_php Off
# Level of log detail - log all errors
# php_value error_reporting -1
# Write errors to log file
# php_flag log_errors On
# Do not display errors in browser (production - Off, development - On)
# php_flag display_errors Off
# Do not display startup errors (production - Off, development - On)
# php_flag display_startup_errors Off
# Format errors in plain text
# Note: Leave this setting 'On' for xdebug is var_dump() output
# php_flag html_errors Off
# Show multiple occurrence of error
# php_flag ignore_repeated_errors Off
# Show same errors from different sources
# php_flag ignore_repeated_source Off
# Size limit for error messages
# php_value log_errors_max_len 1024
# Don not precede error with string (does not accept empty string, use whitespace if you need)
# php_value error_prepend_string " "
# Don not prepend to error (does not accept empty string, use whitespace if you need)
# php_value error_append_string " "
@craiglondon

This comment has been minimized.

Copy link

commented Mar 19, 2015

This is amazing... I'll have to give it a try. What environments do you usually use it on? I think it might not work 100% on Shared Hosting.

@perkster

This comment has been minimized.

Copy link

commented Nov 10, 2015

Thanks for this!!!

@dennis-kon

This comment has been minimized.

Copy link

commented Dec 23, 2015

Thanks

@AskApache

This comment has been minimized.

Copy link

commented Jul 19, 2016

There is some good stuff in here. I happened to notice that some is from my open source htaccess article, like http://www.askapache.com/htaccess/htaccess.html#Custom_ErrorDocuments

There were several new things in this for me, really enjoyed reading it and how many parts are updated and current. Keep refactoring!

Also, might be interesting to compare one of your sources: perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/ with the source that entire article was based on: http://www.askapache.com/htaccess/htaccess.html

👍

@webarthur

This comment has been minimized.

Copy link

commented Aug 20, 2016

Awesome! =D

@WganMe

This comment has been minimized.

Copy link

commented Jul 7, 2017

Apache configuration file

httpd.apache.org/docs/2.2/mod/quickreference.html

Note .htaccess files are an overhead, this logic should be in your Apache

config if possible: httpd.apache.org/docs/2.2/howto/htaccess.html

Techniques in here adapted from all over, including:

Kroc Camen: camendesign.com/.htaccess

perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/

Sample .htaccess file of CMS MODx: modxcms.com

This is the free sample of .htaccess from 6GO s.r.l.

@author Claudio Ludovico Panetta (@ludo237)

@Version 2.0.1

----------------------------------------------------------------------

Default Lang and Basic Security Behavior

----------------------------------------------------------------------

X-Powered-By hidden by default nobody will notice if you're using PHP or ASP or whatever

Header unset X-Powered-By

Set by default UTF-8 charset

AddDefaultCharset UTF-8

ITALIAN language for this files, change it for your needs

AddLanguage it-IT .html .htm .css .js

Set the default charset for every feed methods

AddCharset utf-8 .atom .css .js .json .rss .vtt .xml

ITALIAN timezone, change it for your needs

SetEnv SA Asia/Riyadh

Don not allow any pages to be framed - Defends against CSRF

Header set X-Frame-Options SAMEORIGIN

Turn on IE8-IE9 XSS prevention tools

Header set X-XSS-Protection "1; mode=block"

Only allow JavaScript from the same domain to be run.

Don not allow inline JavaScript to run.

Header set X-Content-Security-Policy "allow 'self';"

Prevent mime based attacks

Header set X-Content-Type-Options "nosniff"

Disable server sign

ServerSignature Off

drop Range header when more than 5 ranges. CVE-2011-3192

SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK. Bytes, 0-2147483647(2GB)

LimitRequestBody 2147483647

----------------------------------------------------------------------

Use the latest PHP avaiable, comment this if you are not using PHP

----------------------------------------------------------------------

AddHandler Setting

<Files .htaccess>
Order Allow,Deny
Deny from all

----------------------------------------------------------------------

Better website experience for IE users. We care of them LOL

----------------------------------------------------------------------

Force the latest IE version, in various cases when it may fall back to IE7 mode

futher details: github.com/rails/rails/commit/123eb25#commitcomment-118920

Use ChromeFrame if it's installed for a better experience for the poor IE folks

Header set X-UA-Compatible "IE=Edge,chrome=1" # mod_headers cannnot match by content-type, but we don't want to send this header on *everything*... Header unset X-UA-Compatible # Header set P3P "policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"" # OR THIS, SIMPLER # Header set P3P "policyref="/w3c/p3p.xml"" # # # ---------------------------------------------------------------------- # Cross-domain AJAX requests, ENABLE CSRF first (see above) # ---------------------------------------------------------------------- # Serve cross-domain Ajax requests, disabled by default. Enable-cors.org # code.google.com/p/html5security/wiki/CrossOriginRequestSecurity # # Header set Access-Control-Allow-Origin "*" # # # # ---------------------------------------------------------------------- # CORS-enabled images (@crossorigin) # ---------------------------------------------------------------------- # Send CORS headers if browsers request them; enabled by default for images. # futher details: # - developer.mozilla.org/en/CORS_Enabled_Image # - blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html # - hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ # - wiki.mozilla.org/Security/Reviews/crossoriginAttribute # mod_headers, y u no match by Content-Type?! SetEnvIf Origin ":" IS_CORS Header set Access-Control-Allow-Origin "*" env=IS_CORS # # # ---------------------------------------------------------------------- # Webfont access # ---------------------------------------------------------------------- # Allow access from all domains for webfonts.Alternatively you could only whitelist your # subdomains like "subdomain.example.com". Header set Access-Control-Allow-Origin "*" # # # ---------------------------------------------------------------------- # Proper MIME type for all files # ---------------------------------------------------------------------- # JavaScript # Normalize to standard type (it is sniffed in IE anyways) # futher details: tools.ietf.org/html/rfc4329#section-7.2 AddType application/javascript js jsonp AddType application/json json # # Audio # AddType audio/ogg oga ogg AddType audio/mp4 m4a f4a f4b # # Video # AddType video/ogg ogv AddType video/mp4 mp4 m4v f4v f4p AddType video/webm webm AddType video/x-flv flv # # SVG # Required for svg webfonts on iPad # futher details: twitter.com/FontSquirrel/status/14855840545 # AddType image/svg+xml svg svgz AddEncoding gzip svgz # # Webfonts # AddType application/vnd.ms-fontobject eot AddType application/x-font-ttf ttf ttc AddType font/opentype otf AddType application/x-font-woff woff # # Assorted types # AddType image/x-icon ico AddType image/webp webp AddType text/cache-manifest appcache manifest AddType text/x-component htc AddType application/xml rss atom xml rdf AddType application/x-chrome-extension crx AddType application/x-opera-extension oex AddType application/x-xpinstall xpi AddType application/octet-stream safariextz AddType application/x-web-app-manifest+json webapp AddType text/x-vcard vcf AddType application/x-shockwave-flash swf AddType text/vtt vtt # This is a comment. I love comments. -*- indent-tabs-mode: t -*-

This file controls what Internet media types are sent to the client for

given file extension(s). Sending the correct media type to the client

is important so they know how to handle the content of the file.

Extra types can either be added here or by using an AddType directive

in your config files. For more information about Internet media types,

please read RFC 2045, 2046, 2047, 2048, and 2077. The Internet media type

registry is at http://www.iana.org/assignments/media-types/.

IANA types

MIME type Extensions

AddType application/andrew-inset ez
AddType application/atom+xml atom
AddType application/atomcat+xml atomcat
AddType application/atomdeleted+xml atomdeleted
AddType application/atomsvc+xml atomsvc
AddType application/auth-policy+xml apxml
AddType application/calendar+xml xcs
AddType application/ccmp+xml ccmp
AddType application/ccxml+xml ccxml
AddType application/cdmi-capability cdmia
AddType application/cdmi-container cdmic
AddType application/cdmi-domain cdmid
AddType application/cdmi-object cdmio
AddType application/cdmi-queue cdmiq
AddType application/cellml+xml cellml cml
AddType application/cpl+xml cpl
AddType application/dash+xml mpd
AddType application/davmount+xml davmount
AddType application/dicom dcm
AddType application/dskpp+xml xmls
AddType application/dssc+der dssc
AddType application/dssc+xml xdssc
AddType application/dvcs dvc
AddType application/ecmascript es
AddType application/emma+xml emma
AddType application/exi exi
AddType application/fastinfoset finf
AddType application/fdt+xml fdt

fits, fit, fts: image/fits

AddType application/font-sfnt ttf
AddType application/font-tdpfr pfr
AddType application/font-woff woff
AddType application/gzip gz tgz
AddType application/hyperstudio stk
AddType application/inkml+xml ink inkml
AddType application/ipfix ipfix
AddType application/javascript js
AddType application/json json
AddType application/json-patch+json json-patch
AddType application/link-format wlnk
AddType application/lost+xml lostxml
AddType application/lostsync+xml lostsyncxml
AddType application/mac-binhex40 hqx
AddType application/mads+xml mads
AddType application/marc mrc
AddType application/marcxml+xml mrcx
AddType application/mathematica nb ma mb
AddType application/mathml+xml mml
AddType application/mbox mbox

mpf: text/vnd.ms-mediapackage

AddType application/metalink4+xml meta4
AddType application/mets+xml mets
AddType application/mods+xml mods
AddType application/mp21 m21 mp21

mp4, mpg4: video/mp4, see RFC 4337

xdf: application/xcap-diff+xml

AddType application/msword doc
AddType application/mxf mxf
AddType application/ocsp-request orq
AddType application/ocsp-response ors
AddType application/octet-stream bin lha lzh exe class so dll img iso dmg
AddType application/oda oda
AddType application/oebps-package+xml opf
AddType application/ogg ogx
AddType application/oxps oxps
AddType application/p2p-overlay+xml relo
AddType application/pdf pdf
AddType application/pgp-encrypted pgp
AddType application/pgp-signature sig
AddType application/pkcs10 p10
AddType application/pkcs7-mime p7m p7c
AddType application/pkcs7-signature p7s
AddType application/pkcs8 p8

ac: application/vnd.nokia.n-gage.ac+xml

AddType application/pkix-cert cer
AddType application/pkix-crl crl
AddType application/pkix-pkipath pkipath
AddType application/pkixcmp pki
AddType application/pls+xml pls
AddType application/postscript ps eps ai
AddType application/provenance+xml provx
AddType application/prs.cww cw cww
AddType application/prs.nprend rnd rct
AddType application/prs.rdf-xml-crypt rdf-crypt
AddType application/prs.xsf+xml xsf
AddType application/pskc+xml pskcxml
AddType application/rdf+xml rdf
AddType application/reginfo+xml rif
AddType application/relax-ng-compact-syntax rnc
AddType application/resource-lists-diff+xml rld
AddType application/resource-lists+xml rl
AddType application/rls-services+xml rs
AddType application/rpki-ghostbusters gbr
AddType application/rpki-manifest mft
AddType application/rpki-roa roa
AddType application/rtf rtf
AddType application/scvp-cv-request scq
AddType application/scvp-cv-response scs
AddType application/scvp-vp-request spq
AddType application/scvp-vp-response spp
AddType application/sdp sdp
AddType application/sgml-open-catalog soc
AddType application/shf+xml shf
AddType application/sieve siv sieve
AddType application/simple-filter+xml cl
AddType application/smil+xml smil smi sml
AddType application/sparql-query rq
AddType application/sparql-results+xml srx
AddType application/sql sql
AddType application/srgs gram
AddType application/srgs+xml grxml
AddType application/sru+xml sru
AddType application/ssml+xml ssml
AddType application/tamp-apex-update tau
AddType application/tamp-apex-update-confirm auc
AddType application/tamp-community-update tcu
AddType application/tamp-community-update-confirm cuc
AddType application/tamp-error ter
AddType application/tamp-sequence-adjust tsa
AddType application/tamp-sequence-adjust-confirm sac

tsq: application/timestamp-query

tsr: application/timestamp-reply

AddType application/tamp-update tur
AddType application/tamp-update-confirm tuc
AddType application/tei+xml tei teiCorpus odd
AddType application/thraud+xml tfi
AddType application/timestamp-query tsq
AddType application/timestamp-reply tsr
AddType application/timestamped-data tsd
AddType application/urc-grpsheet+xml gsheet
AddType application/urc-ressheet+xml rsheet
AddType application/urc-targetdesc+xml td
AddType application/vnd.3gpp.pic-bw-large plb
AddType application/vnd.3gpp.pic-bw-small psb
AddType application/vnd.3gpp.pic-bw-var pvb
AddType application/vnd.3gpp2.sms sms
AddType application/vnd.3gpp2.tcap tcap
AddType application/vnd.3M.Post-it-Notes pwn
AddType application/vnd.accpac.simply.aso aso
AddType application/vnd.accpac.simply.imp imp
AddType application/vnd.acucobol acu
AddType application/vnd.acucorp atc acutc
AddType application/vnd.adobe.formscentral.fcdt fcdt
AddType application/vnd.adobe.fxp fxp fxpl
AddType application/vnd.adobe.xdp+xml xdp
AddType application/vnd.adobe.xfdf xfdf
AddType application/vnd.ahead.space ahead
AddType application/vnd.airzip.filesecure.azf azf
AddType application/vnd.airzip.filesecure.azs azs
AddType application/vnd.americandynamics.acc acc
AddType application/vnd.amiga.ami ami
AddType application/vnd.anser-web-certificate-issue-initiation cii

Not in IANA listing, but is on FTP site?

AddType application/vnd.anser-web-funds-transfer-initiation fti

atx: audio/ATRAC-X

AddType application/vnd.apple.installer+xml dist distz pkg mpkg

m3u: audio/x-mpegurl for now

AddType application/vnd.apple.mpegurl m3u8
AddType application/vnd.aristanetworks.swi swi
AddType application/vnd.astraea-software.iota iota
AddType application/vnd.audiograph aep
AddType application/vnd.autopackage package
AddType application/vnd.balsamiq.bmml+xml bmml
AddType application/vnd.blueice.multipass mpm
AddType application/vnd.bluetooth.ep.oob ep
AddType application/vnd.bmi bmi
AddType application/vnd.businessobjects rep
AddType application/vnd.cendio.thinlinc.clientconf tlclient
AddType application/vnd.chemdraw+xml cdxml
AddType application/vnd.chipnuts.karaoke-mmd mmd
AddType application/vnd.cinderella cdy
AddType application/vnd.claymore cla
AddType application/vnd.cloanto.rp9 rp9
AddType application/vnd.clonk.c4group c4g c4d c4f c4p c4u
AddType application/vnd.cluetrust.cartomobile-config c11amc
AddType application/vnd.cluetrust.cartomobile-config-pkg c11amz

icc: application/vnd.iccprofile

AddType application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8
AddType application/vnd.commonspace csp cst
AddType application/vnd.contact.cmsg cdbcmsg
AddType application/vnd.cosmocaller cmc
AddType application/vnd.crick.clicker clkx
AddType application/vnd.crick.clicker.keyboard clkk
AddType application/vnd.crick.clicker.palette clkp
AddType application/vnd.crick.clicker.template clkt
AddType application/vnd.crick.clicker.wordbank clkw
AddType application/vnd.criticaltools.wbs+xml wbs
AddType application/vnd.ctc-posml pml
AddType application/vnd.cups-ppd ppd
AddType application/vnd.curl curl
AddType application/vnd.dart dart
AddType application/vnd.data-vision.rdz rdz
AddType application/vnd.dece.data uvf uvvf uvd uvvd
AddType application/vnd.dece.ttml+xml uvt uvvt
AddType application/vnd.dece.unspecified uvx uvvx
AddType application/vnd.dece.zip uvz uvvz
AddType application/vnd.denovo.fcselayout-link fe_launch
AddType application/vnd.desmume.movie dsm
AddType application/vnd.dna dna
AddType application/vnd.dpgraph dpg mwc dpgraph
AddType application/vnd.dreamfactory dfac
AddType application/vnd.dtg.local.flash fla
AddType application/vnd.dvb.ait ait

class: application/octet-stream

pfr: application/font-tdpfr

AddType application/vnd.dvb.service svc

dxr: application/x-director

AddType application/vnd.dynageo geo
AddType application/vnd.ecowin.chart mag
AddType application/vnd.enliven nml
AddType application/vnd.epson.esf esf
AddType application/vnd.epson.msf msf
AddType application/vnd.epson.quickanime qam
AddType application/vnd.epson.salt slt
AddType application/vnd.epson.ssf ssf
AddType application/vnd.ericsson.quickcall qcall qca
AddType application/vnd.eszigno3+xml es3 et3
AddType application/vnd.ezpix-album ez2
AddType application/vnd.ezpix-package ez3
AddType application/vnd.fdf fdf
AddType application/vnd.fdsn.mseed msd mseed
AddType application/vnd.fdsn.seed seed dataless

all extensions: application/vnd.hbci

AddType application/vnd.FloGraphIt gph
AddType application/vnd.fluxtime.clip ftc
AddType application/vnd.font-fontforge-sfd sfd
AddType application/vnd.framemaker fm
AddType application/vnd.frogans.fnc fnc
AddType application/vnd.frogans.ltf ltf
AddType application/vnd.fsc.weblaunch fsc
AddType application/vnd.fujitsu.oasys oas
AddType application/vnd.fujitsu.oasys2 oa2
AddType application/vnd.fujitsu.oasys3 oa3
AddType application/vnd.fujitsu.oasysgp fg5
AddType application/vnd.fujitsu.oasysprs bh2
AddType application/vnd.fujixerox.ddd ddd
AddType application/vnd.fujixerox.docuworks xdw
AddType application/vnd.fujixerox.docuworks.binder xbd
AddType application/vnd.fuzzysheet fzs
AddType application/vnd.genomatix.tuxedo txd
AddType application/vnd.geocube+xml g3 g³
AddType application/vnd.geogebra.file ggb
AddType application/vnd.geogebra.tool ggt
AddType application/vnd.geometry-explorer gex gre
AddType application/vnd.geonext gxt
AddType application/vnd.geoplan g2w
AddType application/vnd.geospace g3w
AddType application/vnd.gmx gmx
AddType application/vnd.google-earth.kml+xml kml
AddType application/vnd.google-earth.kmz kmz
AddType application/vnd.grafeq gqf gqs
AddType application/vnd.groove-account gac
AddType application/vnd.groove-help ghf
AddType application/vnd.groove-identity-message gim
AddType application/vnd.groove-injector grv
AddType application/vnd.groove-tool-message gtm
AddType application/vnd.groove-tool-template tpl
AddType application/vnd.groove-vcard vcg
AddType application/vnd.hal+xml hal
AddType application/vnd.HandHeld-Entertainment+xml zmm
AddType application/vnd.hbci hbci hbc kom upa pkd bpd

rep: application/vnd.businessobjects

AddType application/vnd.hhe.lesson-player les
AddType application/vnd.hp-HPGL hpgl
AddType application/vnd.hp-hpid hpi hpid
AddType application/vnd.hp-hps hps
AddType application/vnd.hp-jlyt jlt
AddType application/vnd.hp-PCL pcl
AddType application/vnd.hydrostatix.sof-data sfd-hdstx
AddType application/vnd.hzn-3d-crossword x3d
AddType application/vnd.ibm.electronic-media emm
AddType application/vnd.ibm.MiniPay mpy
AddType application/vnd.ibm.modcap list3820 listafp afp pseg3820
AddType application/vnd.ibm.rights-management irm
AddType application/vnd.ibm.secure-container sc
AddType application/vnd.iccprofile icc icm
AddType application/vnd.ieee.1905 1905.1
AddType application/vnd.igloader igl
AddType application/vnd.immervision-ivp ivp
AddType application/vnd.immervision-ivu ivu

application/vnd.informix-visionary obsoleted by application/vnd.visionary

AddType application/vnd.insors.igm igm
AddType application/vnd.intercon.formnet xpw xpx
AddType application/vnd.intergeo i2g
AddType application/vnd.intu.qbo qbo
AddType application/vnd.intu.qfx qfx
AddType application/vnd.ipunplugged.rcprofile rcprofile
AddType application/vnd.irepository.package+xml irp
AddType application/vnd.is-xpr xpr
AddType application/vnd.isac.fcs fcs
AddType application/vnd.jam jam
AddType application/vnd.jcp.javame.midlet-rms rms
AddType application/vnd.jisp jisp
AddType application/vnd.joost.joda-archive joda
AddType application/vnd.kahootz ktz ktr
AddType application/vnd.kde.karbon karbon
AddType application/vnd.kde.kchart chrt
AddType application/vnd.kde.kformula kfo
AddType application/vnd.kde.kivio flw
AddType application/vnd.kde.kontour kon
AddType application/vnd.kde.kpresenter kpr kpt
AddType application/vnd.kde.kspread ksp
AddType application/vnd.kde.kword kwd kwt
AddType application/vnd.kenameaapp htke
AddType application/vnd.kidspiration kia
AddType application/vnd.Kinar kne knp sdf
AddType application/vnd.koan skp skd skm skt
AddType application/vnd.kodak-descriptor sse
AddType application/vnd.las.las+xml lasxml
AddType application/vnd.llamagraphics.life-balance.desktop lbd
AddType application/vnd.llamagraphics.life-balance.exchange+xml lbe
AddType application/vnd.lotus-1-2-3 123 wk4 wk3 wk1
AddType application/vnd.lotus-approach apr vew
AddType application/vnd.lotus-freelance prz pre
AddType application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg
AddType application/vnd.lotus-organizer or3 or2 org
AddType application/vnd.lotus-screencam scm
AddType application/vnd.lotus-wordpro lwp sam
AddType application/vnd.macports.portpkg portpkg
AddType application/vnd.marlin.drm.mdcf mdc
AddType application/vnd.mcd mcd
AddType application/vnd.medcalcdata mc1
AddType application/vnd.mediastation.cdkey cdkey
AddType application/vnd.MFER mwf
AddType application/vnd.mfmp mfm
AddType application/vnd.micrografx.flo flo
AddType application/vnd.micrografx.igx igx
AddType application/vnd.mif mif
AddType application/vnd.Mobius.DAF daf
AddType application/vnd.Mobius.DIS dis
AddType application/vnd.Mobius.MBK mbk
AddType application/vnd.Mobius.MQY mqy
AddType application/vnd.Mobius.MSL msl
AddType application/vnd.Mobius.PLC plc
AddType application/vnd.Mobius.TXF txf
AddType application/vnd.mophun.application mpn
AddType application/vnd.mophun.certificate mpc
AddType application/vnd.mozilla.xul+xml xul
AddType application/vnd.ms-artgalry cil
AddType application/vnd.ms-asf asf
AddType application/vnd.ms-cab-compressed cab
AddType application/vnd.ms-excel xls xlm xla xlc xlt xlw
AddType application/vnd.ms-excel.template.macroEnabled.12 xltm
AddType application/vnd.ms-excel.addin.macroEnabled.12 xlam
AddType application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
AddType application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
AddType application/vnd.ms-fontobject eot
AddType application/vnd.ms-htmlhelp chm
AddType application/vnd.ms-ims ims
AddType application/vnd.ms-lrm lrm
AddType application/vnd.ms-officetheme thmx
AddType application/vnd.ms-powerpoint ppt pps pot
AddType application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
AddType application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
AddType application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm
AddType application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
AddType application/vnd.ms-powerpoint.template.macroEnabled.12 potm
AddType application/vnd.ms-project mpp mpt
AddType application/vnd.ms-tnef tnef tnf
AddType application/vnd.ms-word.document.macroEnabled.12 docm
AddType application/vnd.ms-word.template.macroEnabled.12 dotm
AddType application/vnd.ms-works wcm wdb wks wps
AddType application/vnd.ms-wpl wpl
AddType application/vnd.ms-xpsdocument xps
AddType application/vnd.mseq mseq
AddType application/vnd.multiad.creator crtr
AddType application/vnd.multiad.creator.cif cif
AddType application/vnd.musician mus
AddType application/vnd.muvee.style msty
AddType application/vnd.mynfc taglet
AddType application/vnd.nervana entity request bkm kcm

ntf: application/vnd.lotus-notes

AddType application/vnd.nitf nitf
AddType application/vnd.neurolanguage.nlu nlu
AddType application/vnd.nintendo.nitro.rom nds
AddType application/vnd.noblenet-directory nnd
AddType application/vnd.noblenet-sealer nns
AddType application/vnd.noblenet-web nnw
AddType application/vnd.nokia.n-gage.ac+xml ac
AddType application/vnd.nokia.n-gage.data ngdat
AddType application/vnd.nokia.n-gage.symbian.install n-gage
AddType application/vnd.nokia.radio-preset rpst
AddType application/vnd.nokia.radio-presets rpss
AddType application/vnd.novadigm.EDM edm
AddType application/vnd.novadigm.EDX edx
AddType application/vnd.novadigm.EXT ext
AddType application/vnd.oasis.opendocument.chart odc
AddType application/vnd.oasis.opendocument.chart-template otc
AddType application/vnd.oasis.opendocument.database odb
AddType application/vnd.oasis.opendocument.formula odf
AddType application/vnd.oasis.opendocument.formula-template otf
AddType application/vnd.oasis.opendocument.graphics odg
AddType application/vnd.oasis.opendocument.graphics-template otg
AddType application/vnd.oasis.opendocument.image odi
AddType application/vnd.oasis.opendocument.image-template oti
AddType application/vnd.oasis.opendocument.presentation odp
AddType application/vnd.oasis.opendocument.presentation-template otp
AddType application/vnd.oasis.opendocument.spreadsheet ods
AddType application/vnd.oasis.opendocument.spreadsheet-template ots
AddType application/vnd.oasis.opendocument.text odt
AddType application/vnd.oasis.opendocument.text-master odm
AddType application/vnd.oasis.opendocument.text-template ott
AddType application/vnd.oasis.opendocument.text-web oth
AddType application/vnd.olpc-sugar xo
AddType application/vnd.oma.dd2+xml dd2
AddType application/vnd.openofficeorg.extension oxt

AddType application/vnd.osa.netdeploy ndc
AddType application/vnd.osgeo.mapguide.package mgp

jar: application/x-java-archive

AddType application/vnd.osgi.dp dp
AddType application/vnd.osgi.subsystem esa
AddType application/vnd.palm prc pdb pqa oprc
AddType application/vnd.pawaafile paw
AddType application/vnd.pg.format str
AddType application/vnd.pg.osasli ei6
AddType application/vnd.piaccess.application-license pil
AddType application/vnd.picsel efif
AddType application/vnd.pmi.widget wg
AddType application/vnd.pocketlearn plf
AddType application/vnd.powerbuilder6 pbd
AddType application/vnd.preminet preminet
AddType application/vnd.previewsystems.box box vbox
AddType application/vnd.proteus.magazine mgz
AddType application/vnd.publishare-delta-tree qps

pti: image/prs.pti

AddType application/vnd.pvi.ptid1 ptid
AddType application/vnd.qualcomm.brew-app-res bar
AddType application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb
AddType application/vnd.quobject-quoxdocument quox quiz
AddType application/vnd.rainstor.data tree
AddType application/vnd.realvnc.bed bed
AddType application/vnd.recordare.musicxml mxl
AddType application/vnd.rig.cryptonote cryptonote
AddType application/vnd.route66.link66+xml link66
AddType application/vnd.sailingtracker.track st
AddType application/vnd.scribus scd sla slaz
AddType application/vnd.sealed.3df s3df
AddType application/vnd.sealed.csf scsf
AddType application/vnd.sealed.doc sdoc sdo s1w
AddType application/vnd.sealed.eml seml sem
AddType application/vnd.sealed.mht smht smh

spp: application/scvp-vp-response

AddType application/vnd.sealed.ppt sppt s1p
AddType application/vnd.sealed.tiff stif
AddType application/vnd.sealed.xls sxls sxl s1e

stm: audio/x-stm

AddType application/vnd.sealedmedia.softseal.html stml s1h
AddType application/vnd.sealedmedia.softseal.pdf spdf spd s1a
AddType application/vnd.seemail see
AddType application/vnd.sema sema
AddType application/vnd.semd semd
AddType application/vnd.semf semf
AddType application/vnd.shana.informed.formdata ifm
AddType application/vnd.shana.informed.formtemplate itp
AddType application/vnd.shana.informed.interchange iif
AddType application/vnd.shana.informed.package ipk
AddType application/vnd.SimTech-MindMapper twd twds
AddType application/vnd.smaf mmf
AddType application/vnd.smart.notebook notebook
AddType application/vnd.smart.teacher teacher
AddType application/vnd.software602.filler.form+xml fo
AddType application/vnd.software602.filler.form-xml-zip zfo
AddType application/vnd.solent.sdkm+xml sdkm sdkd
AddType application/vnd.spotfire.dxp dxp
AddType application/vnd.spotfire.sfs sfs
AddType application/vnd.stepmania.package smzip
AddType application/vnd.stepmania.stepchart sm
AddType application/vnd.sun.wadl+xml wadl
AddType application/vnd.sus-calendar sus susp
AddType application/vnd.syncml+xml xsm
AddType application/vnd.syncml.dm+wbxml bdm
AddType application/vnd.syncml.dm+xml xdm
AddType application/vnd.syncml.dmddf+xml ddf
AddType application/vnd.tao.intent-module-archive tao
AddType application/vnd.tcpdump.pcap pcap cap dmp
AddType application/vnd.tmobile-livetv tmo
AddType application/vnd.trid.tpt tpt
AddType application/vnd.triscape.mxs mxs
AddType application/vnd.trueapp tra

cab: application/vnd.ms-cab-compressed

AddType application/vnd.ufdl ufdl ufd frm
AddType application/vnd.uiq.theme utz
AddType application/vnd.umajin umj
AddType application/vnd.unity unityweb
AddType application/vnd.uoml+xml uoml uo
AddType application/vnd.vcx vcx

sxi: application/vnd.sun.xml.impress

AddType application/vnd.vd-study mxi study-inter model-inter

mcd: application/vnd.mcd

AddType application/vnd.vectorworks vwx
AddType application/vnd.vidsoft.vidconference vsc
AddType application/vnd.visio vsd vst vsw vss
AddType application/vnd.visionary vis

vsc: application/vnd.vidsoft.vidconference

AddType application/vnd.vsf vsf
AddType application/vnd.wap.sic sic
AddType application/vnd.wap.slc slc
AddType application/vnd.wap.wbxml wbxml
AddType application/vnd.wap.wmlc wmlc
AddType application/vnd.wap.wmlscriptc wmlsc
AddType application/vnd.webturbo wtb
AddType application/vnd.wfa.wsc wsc
AddType application/vnd.wmc wmc

nb: application/mathematica for now

AddType application/vnd.wolfram.mathematica.package m
AddType application/vnd.wolfram.player nbp
AddType application/vnd.wordperfect wpd
AddType application/vnd.wqd wqd
AddType application/vnd.wt.stf stf
AddType application/vnd.wv.csp+wbxml wv
AddType application/vnd.xara xar
AddType application/vnd.xfdl xfdl xfd
AddType application/vnd.xmpie.cpkg cpkg
AddType application/vnd.xmpie.dpkg dpkg
AddType application/vnd.xmpie.ppkg ppkg
AddType application/vnd.xmpie.xlim xlim
AddType application/vnd.yamaha.hv-dic hvd
AddType application/vnd.yamaha.hv-script hvs
AddType application/vnd.yamaha.hv-voice hvp
AddType application/vnd.yamaha.openscoreformat osf
AddType application/vnd.yamaha.smaf-audio saf
AddType application/vnd.yamaha.smaf-phrase spf
AddType application/vnd.yellowriver-custom-menu cmp
AddType application/vnd.zul zir zirz
AddType application/vnd.zzazz.deck+xml zaz
AddType application/voicexml+xml vxml
AddType application/watcherinfo+xml wif
AddType application/widget wgt
AddType application/wsdl+xml wsdl
AddType application/wspolicy+xml wspolicy
AddType application/xcap-att+xml xav
AddType application/xcap-caps+xml xca
AddType application/xcap-diff+xml xdf
AddType application/xcap-el+xml xel
AddType application/xcap-error+xml xer
AddType application/xcap-ns+xml xns
AddType application/xhtml+xml xhtml xhtm xht

application/xhtml-voice+xml obsoleted by application/xv+xml

xml, xsd, rng: text/xml

mod: audio/x-mod

AddType application/xml-dtd dtd

ent: text/xml-external-parsed-entity

AddType application/xop+xml xop
AddType application/xslt+xml xsl xslt
AddType application/xv+xml mxml xhvml xvml xvm
AddType application/yang yang
AddType application/yin+xml yin
AddType application/zip zip
AddType audio/32kadpcm 726

3gp, 3gpp: video/3gpp

3g2, 3gpp2: video/3gpp2

AddType audio/ac3 ac3
AddType audio/AMR amr
AddType audio/AMR-WB awb
AddType audio/asc acn

aa3, omg: audio/ATRAC3

AddType audio/ATRAC-ADVANCED-LOSSLESS aal

aa3, omg: audio/ATRAC3

AddType audio/ATRAC-X atx
AddType audio/ATRAC3 at3 aa3 omg
AddType audio/basic au snd
AddType audio/dls dls
AddType audio/EVRC evc

qcp: audio/qcelp

AddType audio/EVRCB evb
AddType audio/EVRCNW enw
AddType audio/EVRCWB evw
AddType audio/iLBC lbc

wav: audio/x-wav

AddType audio/L16 l16
AddType audio/mobile-xmf mxmf

mp4, mpg4: video/mp4, see RFC 4337

AddType audio/mp4 m4a m4p mp4
AddType audio/mpeg mp3 mpga mp1 mp2
AddType audio/ogg oga ogg opus spx
AddType audio/prs.sid sid psid
AddType audio/qcelp qcp
AddType audio/SMV smv

qcp: audio/qcelp, see RFC 3625

mid: audio/midi

AddType audio/vnd.dece.audio uva uvva
AddType audio/vnd.digital-winds eol
AddType audio/vnd.dolby.mlp mlp

wav: audio/x-wav, cpt: application/mac-compactpro

AddType audio/vnd.dts dts
AddType audio/vnd.dts.hd dtshd

dvb: video/vnd.dvb.file

AddType audio/vnd.everad.plj plj

rm: audio/x-pn-realaudio

AddType audio/vnd.lucent.voice lvp
AddType audio/vnd.ms-playready.media.pya pya

mxmf: audio/mobile-xmf

AddType audio/vnd.nortel.vbk vbk
AddType audio/vnd.nuera.ecelp4800 ecelp4800
AddType audio/vnd.nuera.ecelp7470 ecelp7470
AddType audio/vnd.nuera.ecelp9600 ecelp9600

audio/vnd.qcelp deprecated in favour of audio/qcelp

AddType audio/vnd.rip rip
AddType audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m
AddType image/cgm cgm
AddType image/fits fits fit fts
AddType image/gif gif
AddType image/ief ief
AddType image/jp2 jp2 jpg2
AddType image/jpeg jpg jpeg jpe jfif
AddType image/jpm jpm jpgm
AddType image/jpx jpx jpf
AddType image/ktx ktx
AddType image/png png
AddType image/prs.btif btif btf
AddType image/prs.pti pti
AddType image/svg+xml svg svgz
AddType image/t38 t38
AddType image/tiff tiff tif
AddType image/tiff-fx tfx
AddType image/vnd.adobe.photoshop psd
AddType image/vnd.airzip.accelerator.azv azv
AddType image/vnd.dece.graphic uvi uvvi uvg uvvg
AddType image/vnd.djvu djvu djv

sub: text/vnd.dvb.subtitle

AddType image/vnd.dwg dwg
AddType image/vnd.dxf dxf
AddType image/vnd.fastbidsheet fbs
AddType image/vnd.fpx fpx
AddType image/vnd.fst fst
AddType image/vnd.fujixerox.edmics-mmr mmr
AddType image/vnd.fujixerox.edmics-rlc rlc
AddType image/vnd.globalgraphics.pgb pgb
AddType image/vnd.microsoft.icon ico
AddType image/vnd.ms-modi mdi
AddType image/vnd.radiance hdr rgbe xyze
AddType image/vnd.sealed.png spng spn s1n
AddType image/vnd.sealedmedia.softseal.gif sgif sgi s1g
AddType image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j
AddType image/vnd.wap.wbmp wbmp
AddType image/vnd.xiff xif
AddType message/global u8msg
AddType message/global-delivery-status u8dsn
AddType message/global-disposition-notification u8mdn
AddType message/global-headers u8hdr

cl: application/simple-filter+xml

message/news obsoleted by message/rfc822

AddType message/rfc822 eml mail art
AddType model/iges igs iges
AddType model/mesh msh mesh silo
AddType model/vnd.collada+xml dae
AddType model/vnd.dwf dwf

3dml, 3dm: text/vnd.in3d.3dml

AddType model/vnd.gdl gdl gsm win dor lmp rsm msm ism
AddType model/vnd.gtw gtw
AddType model/vnd.moml+xml moml
AddType model/vnd.mts mts
AddType model/vnd.parasolid.transmit.binary x_b xmt_bin
AddType model/vnd.parasolid.transmit.text x_t xmt_txt
AddType model/vnd.vtu vtu
AddType model/vrml wrl vrml
AddType multipart/voice-message vpm
AddType text/calendar ics ifb
AddType text/css css
AddType text/csv csv
AddType text/dns soa zone

text/ecmascript obsoleted by application/ecmascript

AddType text/html html htm shtml

text/javascript obsoleted by application/javascript

AddType text/jcr-cnd cnd
AddType text/mizar miz
AddType text/n3 n3
AddType text/plain txt asc text pm el c h cc hh cxx hxx f90 conf log
AddType text/provenance-notation provn
AddType text/prs.fallenstein.rst rst
AddType text/prs.lines.tag tag dsc
AddType text/richtext rtx

rtf: application/rtf

AddType text/sgml sgml sgm
AddType text/tab-separated-values tsv
AddType text/troff t tr roff
AddType text/turtle ttl
AddType text/uri-list uris uri
AddType text/vcard vcf vcard
AddType text/vnd.abc abc

curl: application/vnd.curl

AddType text/vnd.debian.copyright copyright
AddType text/vnd.DMClientScript dms
AddType text/vnd.dvb.subtitle sub
AddType text/vnd.esmertec.theme-descriptor jtd
AddType text/vnd.fly fly
AddType text/vnd.fmi.flexstor flx
AddType text/vnd.graphviz gv dot
AddType text/vnd.in3d.3dml 3dml 3dm
AddType text/vnd.in3d.spot spot spo
AddType text/vnd.ms-mediapackage mpf
AddType text/vnd.net2phone.commcenter.command ccc
AddType text/vnd.si.uricatalogue uric
AddType text/vnd.sun.j2me.app-descriptor jad
AddType text/vnd.trolltech.linguist ts
AddType text/vnd.wap.si si
AddType text/vnd.wap.sl sl
AddType text/vnd.wap.wml wml
AddType text/vnd.wap.wmlscript wmls
AddType text/xml xml xsd rng
AddType text/xml-external-parsed-entity ent
AddType video/3gpp 3gp 3gpp
AddType video/3gpp2 3g2 3gpp2
AddType video/mj2 mj2 mjp2
AddType video/mp4 mp4 mpg4 m4v
AddType video/mpeg mpeg mpg mpe m1v m2v
AddType video/ogg ogv
AddType video/quicktime mov qt
AddType video/vnd.dece.hd uvh uvvh
AddType video/vnd.dece.mobile uvm uvvm
AddType video/vnd.dece.mp4 uvu uvvu
AddType video/vnd.dece.pd uvp uvvp
AddType video/vnd.dece.sd uvs uvvs
AddType video/vnd.dece.video uvv uvvv
AddType video/vnd.dvb.file dvb
AddType video/vnd.fvt fvt

rm: audio/x-pn-realaudio

AddType video/vnd.mpegurl mxu m4u
AddType video/vnd.ms-playready.media.pyv pyv
AddType video/vnd.nokia.interleaved-multimedia nim

mp4: video/mp4

AddType video/vnd.sealed.mpeg1 smpg s11

smpg: video/vnd.sealed.mpeg1

AddType video/vnd.sealed.mpeg4 s14
AddType video/vnd.sealed.swf sswf ssw
AddType video/vnd.sealedmedia.softseal.mov smov smo s1q

uvu, uvvu: video/vnd.dece.mp4

AddType video/vnd.vivo viv

Non-IANA types

AddType application/epub+zip epub
AddType application/mac-compactpro cpt
AddType application/metalink+xml metalink
AddType application/rss+xml rss
AddType application/vnd.android.package-archive apk
AddType application/vnd.oma.dd+xml dd
AddType application/vnd.oma.drm.content dcf

odf: application/vnd.oasis.opendocument.formula

AddType application/vnd.oma.drm.dcf o4a o4v
AddType application/vnd.oma.drm.message dm
AddType application/vnd.oma.drm.rights+wbxml drc
AddType application/vnd.oma.drm.rights+xml dr
AddType application/vnd.sun.xml.calc sxc
AddType application/vnd.sun.xml.calc.template stc
AddType application/vnd.sun.xml.draw sxd
AddType application/vnd.sun.xml.draw.template std
AddType application/vnd.sun.xml.impress sxi
AddType application/vnd.sun.xml.impress.template sti
AddType application/vnd.sun.xml.math sxm
AddType application/vnd.sun.xml.writer sxw
AddType application/vnd.sun.xml.writer.global sxg
AddType application/vnd.sun.xml.writer.template stw
AddType application/vnd.symbian.install sis
AddType application/vnd.wap.mms-message mms
AddType application/x-annodex anx
AddType application/x-bcpio bcpio
AddType application/x-bittorrent torrent
AddType application/x-bzip 2 bz2 tbz
AddType application/x-cdlink vcd
AddType application/x-chess-pgn pgn
AddType application/x-chrome-extension crx
AddType application/x-cpio cpio
AddType application/x-csh csh
AddType application/x-director dcr dir dxr
AddType application/x-dvi dvi
AddType application/x-futuresplash spl
AddType application/x-gtar gtar
AddType application/x-hdf hdf
AddType application/x-java-archive jar
AddType application/x-java-jnlp-file jnlp
AddType application/x-java-pack200 pack
AddType application/x-killustrator kil
AddType application/x-latex latex
AddType application/x-netcdf nc cdf
AddType application/x-perl pl
AddType application/x-rpm rpm
AddType application/x-sh sh
AddType application/x-shar shar
AddType application/x-shockwave-flash swf
AddType application/x-stuffit sit
AddType application/x-sv4cpio sv4cpio
AddType application/x-sv4crc sv4crc
AddType application/x-tar tar
AddType application/x-tcl tcl
AddType application/x-tex tex
AddType application/x-texinfo texinfo texi
AddType application/x-troff-man man 1 2 3 4 5 6 7 8
AddType application/x-troff-me me
AddType application/x-troff-ms ms
AddType application/x-ustar ustar
AddType application/x-wais-source src
AddType application/x-xpinstall xpi
AddType application/x-xspf+xml xspf
AddType application/x-xz xz
AddType audio/midi mid midi kar
AddType audio/x-aiff aif aiff aifc
AddType audio/x-annodex axa
AddType audio/x-flac flac
AddType audio/x-mod mod ult uni m15 mtm 669 med
AddType audio/x-mpegurl m3u
AddType audio/x-ms-wax wax
AddType audio/x-ms-wma wma
AddType audio/x-pn-realaudio ram rm
AddType audio/x-realaudio ra
AddType audio/x-s3m s3m
AddType audio/x-stm stm
AddType audio/x-wav wav
AddType chemical/x-xyz xyz
AddType image/bmp bmp
AddType image/webp webp
AddType image/x-cmu-raster ras
AddType image/x-portable-anymap pnm
AddType image/x-portable-bitmap pbm
AddType image/x-portable-graymap pgm
AddType image/x-portable-pixmap ppm
AddType image/x-rgb rgb
AddType image/x-targa tga
AddType image/x-xbitmap xbm
AddType image/x-xpixmap xpm
AddType image/x-xwindowdump xwd
AddType text/cache-manifest appcache manifest
AddType text/x-pod pod
AddType text/x-setext etx
AddType video/webm webm
AddType video/x-annodex axv
AddType video/x-flv flv
AddType video/x-javafx fxm
AddType video/x-ms-asf asx
AddType video/x-ms-wm wm
AddType video/x-ms-wmv wmv
AddType video/x-ms-wmx wmx
AddType video/x-ms-wvx wvx
AddType video/x-ms video avi
AddType video/x-sgi-movie movie
AddType x-conference/x-cooltalk ice
AddType x-epoc/x-sisx-app sisx
AddType text/x-log log
AddType application/x-httpd-php php php3 php4 php5 php6
AddType text/x-config cnf conf
AddType application/ruby rb
AddType application/x-gzip tgz
AddType text/x-sql sql
AddType application/x-img img
AddType application/cgi cgi
AddType application/perl pl plx ppl perl pm
AddType text/vbscript vbs
AddType text/x-registry reg
AddType application/x-httpd-php-source phps

----------------------------------------------------------------------

Allow concatenation from within specific js and css files

----------------------------------------------------------------------

e.g. Inside of script.combined.js you could have

and they would be included into this single file.

This is not in use in the boilerplate as it stands. You may

choose to use this technique if you do not have a build process.

#<FilesMatch ".combined.js$">

Options +Includes

AddOutputFilterByType INCLUDES application/javascript application/json

SetOutputFilter INCLUDES

#
#<FilesMatch ".combined.css$">

Options +Includes

AddOutputFilterByType INCLUDES text/css

SetOutputFilter INCLUDES

#

----------------------------------------------------------------------

Gzip compression

----------------------------------------------------------------------

mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file .(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image/.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/ SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding # Compress all output labeled with one of the following MIME-types AddOutputFilterByType DEFLATE application/atom+xml \ application/javascript \ application/json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml # # # ---------------------------------------------------------------------- # Expires headers (for better cache control) # ---------------------------------------------------------------------- # These are pretty far-future expires headers. # They assume you control versioning with filename-based cache busting # Additionally, consider that outdated proxies may miscache # futher details: www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/ # If you don nott use filenames to version, lower the CSS and JS to something like "access plus 1 week". # 1 YEAR - does not change often ExpiresDefault A29030400 ExpiresActive on # # Perhaps better to whitelist expires rules? Perhaps. # ExpiresDefault "access plus 1 month" # # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5) # ExpiresByType text/cache-manifest "access plus 0 seconds" # # Your document html # ExpiresByType text/html "access plus 0 seconds" # # Data # ExpiresByType text/xml "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType application/json "access plus 0 seconds" # # Feed # ExpiresByType application/rss+xml "access plus 1 hour" ExpiresByType application/atom+xml "access plus 1 hour" # # Favicon (cannot be renamed) # ExpiresByType image/x-icon "access plus 1 month" # # Media: images, video, audio # ExpiresByType image/gif "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType video/ogg "access plus 1 month" ExpiresByType audio/ogg "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" ExpiresByType video/webm "access plus 1 month" # # HTC files (css3pie) # ExpiresByType text/x-component "access plus 1 month" # # Webfonts # ExpiresByType application/x-font-ttf "access plus 1 month" ExpiresByType font/opentype "access plus 1 month" ExpiresByType application/x-font-woff "access plus 1 month" ExpiresByType image/svg+xml "access plus 1 month" ExpiresByType application/vnd.ms-fontobject "access plus 1 month" # # CSS and JavaScript # ExpiresByType text/css "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" # # # ---------------------------------------------------------------------- # Prevent mobile network providers from modifying your site # ---------------------------------------------------------------------- # The following header prevents modification of your code over 3G on some # European providers. # This is the official 'bypass' suggested by O2 in the UK. Header set Cache-Control "no-transform" # # # ---------------------------------------------------------------------- # ETag removal # ---------------------------------------------------------------------- # FileETag None is not enough for every server. Header unset ETag # Since we are sending far-future expires, we don not need ETags for # static content. # futher details: developer.yahoo.com/performance/rules.html#etags FileETag None # # # ---------------------------------------------------------------------- # Stop screen flicker in IE on CSS rollovers # ---------------------------------------------------------------------- # The following directives stop screen flicker in IE on CSS rollovers - in # combination with the "ExpiresByType" rules for images (see above). BrowserMatch "MSIE" brokenvary=1 BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1 BrowserMatch "Opera" !brokenvary SetEnvIf brokenvary 1 force-no-vary # # # ---------------------------------------------------------------------- # Set Keep-Alive Header # ---------------------------------------------------------------------- # Keep-Alive allows the server to send multiple requests through one # TCP-connection. Be aware of possible disadvantages of this setting. Turn on # if you serve a lot of static content. Header set Connection Keep-Alive # # # ---------------------------------------------------------------------- # Cookie setting from iframes # ---------------------------------------------------------------------- # Allow cookies to be set from iframes (for IE only) # If needed, specify a path or regex in the Location directive. # # Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" # # # # ---------------------------------------------------------------------- # Start rewrite engine # ---------------------------------------------------------------------- # Turning on the rewrite engine is necessary for the following rules and # features. FollowSymLinks must be enabled for this to work. # Some cloud hosting services require RewriteBase to be set: goo.gl/HOcPN # If using the h5bp in a subdirectory, use `RewriteBase /foo` instead where # 'foo' is your directory. # If your web host does not allow the FollowSymlinks option, you may need to # comment it out and use `Options +SymLinksIfOwnerMatch`, but be aware of the # performance impact: http://goo.gl/Mluzd RewriteEngine On Options +FollowSymlinks # ## Force public directory for the rood of websites ## # Change ludo237.github to be your primary domain. # # RewriteCond %{HTTP_HOST} ^(www.)?ludo237.github$ # # Change 'subfolder' to be the folder you will use for your primary domain. # # RewriteCond %{REQUEST_URI} !^/repositories/ # # Do not change this line. # # RewriteCond %{REQUEST_FILENAME} !-f # RewriteCond %{REQUEST_FILENAME} !-d # # Change 'subfolder' to be the folder you will use for your primary domain. # # RewriteRule ^(.*)$ /repositories/$1 # Change ludo237.github to be your primary domain again. # Change 'subfolder' to be the folder you will use for your primary domain # followed by / then the main file for your site, index.php, index.html, etc. # RewriteCond %{HTTP_HOST} ^(www.)?ludo237.github$ # RewriteRule ^(.*)$ http://ludo237.github/$1 [R,L] # ## Remove Extensions ## # change the .php extension with whatever you need # # RewriteCond %{REQUEST_FILENAME} !-d # RewriteCond %{REQUEST_FILENAME}\.php -f # RewriteRule ^(.*)$ $1.php # ## Remove Bad Bots from crawling ## # IF THE UA STARTS WITH THESE # Block spambots # RewriteCond %{HTTP_USER_AGENT} ^(aesop_com_spiderman|alexibot|backweb|bandit|batchftp|bigfoot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(black.?hole|blackwidow|blowfish|botalot|buddy|builtbottough|bullseye) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(cheesebot|cherrypicker|chinaclaw|collector|copier|copyrightcheck) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(cosmos|crescent|curl|custo|da|diibot|disco|dittospyder|dragonfly) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(drip|easydl|ebingbong|ecatch|eirgrabber|emailcollector|emailsiphon) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(emailwolf|erocrawler|exabot|eyenetie|filehound|flashget|flunky) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(frontpage|getright|getweb|go.?zilla|go-ahead-got-it|gotit|grabnet) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(grafula|harvest|hloader|hmview|httplib|httrack|humanlinks|ilsebot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(infonavirobot|infotekies|intelliseek|interget|iria|jennybot|jetcar) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(joc|justview|jyxobot|kenjin|keyword|larbin|leechftp|lexibot|lftp|libweb) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(likse|linkscan|linkwalker|lnspiderguy|lwp|magnet|mag-net|markwatch) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(mata.?hari|memo|microsoft.?url|midown.?tool|miixpc|mirror|missigua) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(mister.?pix|moget|mozilla.?newt|nameprotect|navroad|backdoorbot|nearsite) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(net.?vampire|netants|netcraft|netmechanic|netspider|nextgensearchbot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(attach|nicerspro|nimblecrawler|npbot|octopus|offline.?explorer) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(offline.?navigator|openfind|outfoxbot|pagegrabber|papa|pavuk) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(pcbrowser|php.?version.?tracker|pockey|propowerbot|prowebwalker) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(psbot|pump|queryn|recorder|realdownload|reaper|reget|true_robot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(repomonkey|rma|internetseer|sitesnagger|siphon|slysearch|smartdownload) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(snake|snapbot|snoopy|sogou|spacebison|spankbot|spanner|sqworm|superbot) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(superhttp|surfbot|asterias|suzuran|szukacz|takeout|teleport) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(telesoft|the.?intraformant|thenomad|tighttwatbot|titan|urldispatcher) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(turingos|turnitinbot|urly.?warning|vacuum|vci|voideye|whacker) [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^(libwww-perl|widow|wisenutbot|wwwoffle|xaldon|xenu|zeus|zyborg|anonymouse) [NC,OR] # ## STARTS WITH WEB # RewriteCond %{HTTP_USER_AGENT} ^web(zip|emaile|enhancer|fetch|go.?is|auto|bandit|clip|copier|master|reaper|sauger|site.?quester|whack) [NC,OR] # ## ANYWHERE IN UA -- GREEDY REGEX # RewriteCond %{HTTP_USER_AGENT} ^.*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures).*$ [NC] # ## ISSUE 403 / SERVE ERRORDOCUMENT # RewriteRule . - [F,L] # ## Useragents starting with # RewriteCond %{HTTP_USER_AGENT} ^atraxbot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Azureus [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^geohasher [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^PycURL [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Python-urllib [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^research-scan-bot [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Sosospider [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^xenu [NC,OR] # ## User agents contains string # RewriteCond %{HTTP_USER_AGENT} ^.*casper [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^.*goblox [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^.*sun4u [NC] RewriteRule ^(.*)$ - [F] # ## Disable blank UA ## Blank UA and Referer # RewriteCond %{HTTP_REFERER} ^$ [NC] RewriteCond %{HTTP_USER_AGENT} ^$ [NC] RewriteRule .* - [F,L] # ## Prevent use of specified methods in HTTP Request # RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR] # ## Block out use of illegal or unsafe characters in the HTTP Request # RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR] # ## Block out use of illegal or unsafe characters in the Referer Variable of the HTTP Request ## RewriteCond %{HTTP_REFERER} ^(.*)(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] ## Block out use of illegal or unsafe characters in any cookie associated with the HTTP Request # RewriteCond %{HTTP_COOKIE} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] # ## Block out use of illegal characters in URI or use of malformed URI # RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* [NC,OR] # ## Block out use of empty User Agent Strings ## NOTE - disable this rule if your site is integrated with Payment Gateways such as PayPal ## RewriteCond %{HTTP_USER_AGENT} ^$ [OR] ## Block out use of illegal or unsafe characters in the User Agent variable # RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR] # ## Measures to block out SQL injection attacks # RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|"|'|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR] # ## Block out reference to localhost/loopback/127.0.0.1 in the Query String # RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR] # ## Block out use of illegal or unsafe characters in the Query String variable # RewriteCond %{QUERY_STRING} ^.*(<|>|'|'|%0A|%0D|%27|%3C|%3E|%00).* [NC] # ########## Begin - File injection protection, by SigSiu.net RewriteCond %{REQUEST_METHOD} GET RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC] RewriteRule .* - [F] ########## End - File injection protection # RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http%3A%2F%2F [OR] # # proc/self/environ? no way! # RewriteCond %{QUERY_STRING} proc\/self\/environ [NC,OR] # ## PHP-CGI Vulnerability # RewriteCond %{QUERY_STRING} ^(%2d|\-)[^=]+$ [NC] RewriteRule (.*) - [F,L] # # # ---------------------------------------------------------------------- # Suppress or force the "www." at the beginning of URLs # ---------------------------------------------------------------------- # The same content should never be available under two different URLs - # especially not with and without "www." at the beginning, since this can cause # SEO problems (duplicate content). That is why you should choose one of the # alternatives and redirect the other one. # By default option 1 (no "www.") is activated. # no-www.org/faq.php?q=class_b # If you would prefer to use option 2, just comment out all option 1 lines # and uncomment option 2. # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME! # ---------------------------------------------------------------------- # Option 1: # Rewrite "www.example.com -> example.com". RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] # ---------------------------------------------------------------------- # Option 2: # Rewrite "example.com -> www.example.com". # Be aware that the following rule might not be a good idea if you use "real" # subdomains for certain parts of your website. # # RewriteCond %{HTTPS} !=on # RewriteCond %{HTTP_HOST} !^www\..+$ [NC] # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # # # # ---------------------------------------------------------------------- # Built-in filename-based cache busting # ---------------------------------------------------------------------- # If you are not using the build script to manage your filename version revving, # you might want to consider enabling this, which will route requests for # `/css/style.20110203.css` to `/css/style.css`. # To understand why this is important and a better idea than all.css?v1231, # please refer to the bundled documentation about `.htaccess`. # # RewriteCond %{REQUEST_FILENAME} !-f # RewriteCond %{REQUEST_FILENAME} !-d # RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L] # # # # ---------------------------------------------------------------------- # Prevent SSL cert warnings # ---------------------------------------------------------------------- # Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent # https://www.example.com when your cert only allows https://secure.example.com # # RewriteCond %{SERVER_PORT} !^443 # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L] # # # # ---------------------------------------------------------------------- # Prevent 404 errors for non-existing redirected folders # ---------------------------------------------------------------------- # without -MultiViews, Apache will give a 404 for a rewrite if a folder of the # same name does not exist. # webmasterworld.com/apache/3808792.htm Options -MultiViews # # # ---------------------------------------------------------------------- # Custom Errors page # ---------------------------------------------------------------------- # You can add custom pages to handle 500 or 403 pretty easily, if you like. # If you are hosting your site in subdirectory, adjust this accordingly # e.g. ErrorDocument 404 /subdir/404.html ErrorDocument 100 /100_CONTINUE ErrorDocument 101 /101_SWITCHING_PROTOCOLS ErrorDocument 102 /102_PROCESSING ErrorDocument 200 /200_OK ErrorDocument 201 /201_CREATED ErrorDocument 202 /202_ACCEPTED ErrorDocument 203 /203_NON_AUTHORITATIVE ErrorDocument 204 /204_NO_CONTENT ErrorDocument 205 /205_RESET_CONTENT ErrorDocument 206 /206_PARTIAL_CONTENT ErrorDocument 207 /207_MULTI_STATUS ErrorDocument 300 /300_MULTIPLE_CHOICES ErrorDocument 301 /301_MOVED_PERMANENTLY ErrorDocument 302 /302_MOVED_TEMPORARILY ErrorDocument 303 /303_SEE_OTHER ErrorDocument 304 /304_NOT_MODIFIED ErrorDocument 305 /305_USE_PROXY ErrorDocument 307 /307_TEMPORARY_REDIRECT ErrorDocument 400 /400_BAD_REQUEST ErrorDocument 401 /401_UNAUTHORIZED ErrorDocument 402 /402_PAYMENT_REQUIRED ErrorDocument 403 /403_FORBIDDEN ErrorDocument 404 /404_NOT_FOUND ErrorDocument 405 /405_METHOD_NOT_ALLOWED ErrorDocument 406 /406_NOT_ACCEPTABLE ErrorDocument 407 /407_PROXY_AUTHENTICATION_REQUIRED ErrorDocument 408 /408_REQUEST_TIME_OUT ErrorDocument 409 /409_CONFLICT ErrorDocument 410 /410_GONE ErrorDocument 411 /411_LENGTH_REQUIRED ErrorDocument 412 /412_PRECONDITION_FAILED ErrorDocument 413 /413_REQUEST_ENTITY_TOO_LARGE ErrorDocument 414 /414_REQUEST_URI_TOO_LARGE ErrorDocument 415 /415_UNSUPPORTED_MEDIA_TYPE ErrorDocument 416 /416_RANGE_NOT_SATISFIABLE ErrorDocument 417 /417_EXPECTATION_FAILED ErrorDocument 422 /422_UNPROCESSABLE_ENTITY ErrorDocument 423 /423_LOCKED ErrorDocument 424 /424_FAILED_DEPENDENCY ErrorDocument 426 /426_UPGRADE_REQUIRED ErrorDocument 500 /500_INTERNAL_SERVER_ERROR ErrorDocument 501 /501_NOT_IMPLEMENTED ErrorDocument 502 /502_BAD_GATEWAY ErrorDocument 503 /503_SERV
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.