mjau-mjau/httpd.conf

## httpd.conf

# X3 extended Apache configuration example similar to what we use on our own Apache hosting.
# Some of the non-X3-specific rules may already be applied to your server by default.
# Find more standard Apache default here: https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess

# Redirect non-SSL requests (both www and non-www) to HTTPS website [OPTIONAL]
<VirtualHost *:80>
  ServerName yourwebsite.com
  ServerAlias www.yourwebsite.com
  Redirect permanent / https://yourwebsite.com/
</VirtualHost>

# Redirect www to non-www version of website on SSL (port 443) [OPTIONAL]
<VirtualHost *:443>
  ServerName www.yourwebsite.com
  Redirect permanent / https://yourwebsite.com/
</VirtualHost>

# Main X3 website configuration on SSL without www
<VirtualHost *:443>

  # Set serverName and DocumentRoot
  ServerName yourwebsite.com
  DocumentRoot /var/www/yourwebsite

  # X3 specific rules applied relative to X3 root directory
  <Directory /var/www/yourwebsite/>

    # Stop Apache from loading .htaccess files [OPTIONAL]
    AllowOverride None

    # RewriteEngine [REQUIRED]
    RewriteEngine On

    # Rewrite any calls to *.html, *.json, *.xml, *.atom, *.rss if a folder matching * exists [REQUIRED]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule (.+)\.(html|json|xml|atom|rss)$ $1/ [L]

    # Add a trailing slash to directories [OPTIONAL but recommended]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !(\.|\?)
    RewriteCond %{REQUEST_URI} !(.*)/$
    RewriteRule ([^/]+)$ $1/ [L]

    # Rewrite any calls to /render to the image parser [REQUIRED]
    RewriteCond %{REQUEST_FILENAME} !-f [OR]
    RewriteCond %{QUERY_STRING} ^(?)debug($|&)
    RewriteCond %{REQUEST_URI} render/
    RewriteRule ^render/. app/parsers/slir/index.php?$1 [L]

    # Rewrite routes to index.php if they are non-existent files/dirs [REQUIRED]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ index.php?/$1/ [L,QSA]

    # Let Diagnostics know X3 is configured from server [OPTIONAL]
    <IfModule mod_env.c>
      SetEnv X3_SERVER_CONFIG On
    </IfModule>

    # Prevent X3 Diagnostics from showing server information [OPTIONAL]
    <IfModule mod_env.c>
      SetEnv X3_HIDE_DIAGNOSTICS On
    </IfModule>

    # Prevent folder directory listing [OPTIONAL]
    <IfModule mod_autoindex.c>
      Options -Indexes
    </IfModule>

    # unset etag (caching) [OPTIONAL]
    <IfModule mod_headers.c>
      Header unset ETag
    </IfModule>
    FileETag None

    # Increase cookie security (only if you are using PHP5) [OPTIONAL]
    <IfModule php5_module>
      php_value session.cookie_httponly true
    </IfModule>

    # Agressive caching headers [OPTIONAL]
    # Static assets set to be cached up to 10 years, while X3 application files should not cache.
    <IfModule mod_expires.c>
      ExpiresActive on
      ExpiresDefault                                      "access plus 10 years"
      ExpiresByType text/html                             "access plus 0 seconds"
      ExpiresByType text/xml                              "access plus 3600 seconds"
      ExpiresByType application/xml                       "access plus 3600 seconds"
    </IfModule>

    # Immutable cache-control for static assets [OPTIONAL]
    <IfModule mod_headers.c>
      <Files ~ "\.(jpe?g|png|gif|svg|mp3|mp4|json|css|js)$">
        Header append Cache-Control "public, immutable"
      </Files>
    </IfModule>

    # Make sure you are using utf-8 default charset [OPTIONAL]
    AddDefaultCharset utf-8
    <IfModule mod_mime.c>
      AddCharset utf-8 .css .js .xml .json .rss .atom
    </IfModule>

    # Compress (deflate) text-based files [OPTIONAL]
    # Most of the below should already be configured by default on your server.
    <IfModule mod_deflate.c>
      <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript
        AddOutputFilterByType DEFLATE text/css
        AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
        AddOutputFilterByType DEFLATE application/rss+xml
        AddOutputFilterByType DEFLATE application/xml
        AddOutputFilterByType DEFLATE application/json
        AddOutputFilterByType DEFLATE image/svg+xml
      </IfModule>
    </IfModule>

  </Directory>

  # Block direct access to some X3 PHP files with exceptions [OPTIONAL]
  <DirectoryMatch /var/www/yourwebsite/(app|content)/>
    <Files *.php>
      Require all denied
    </Files>
    <FilesMatch "(index|x3\.mailer|x3\.api)\.php$">
      Require all granted
    </FilesMatch>
  </DirectoryMatch>

  # Block public web access to the X3 /config/ folder [REQUIRED] and /_cache/ folder [OPTIONAL]
  <DirectoryMatch /var/www/yourwebsite/(config|_cache|app/resources)/>
    Require all denied
    # For older Apache servers, uncomment and use the line below instead.
    # Deny from all
  </DirectoryMatch>

</VirtualHost>

	# X3 extended Apache configuration example similar to what we use on our own Apache hosting.
	# Some of the non-X3-specific rules may already be applied to your server by default.
	# Find more standard Apache default here: https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess

	# Redirect non-SSL requests (both www and non-www) to HTTPS website [OPTIONAL]
	<VirtualHost *:80>
	ServerName yourwebsite.com
	ServerAlias www.yourwebsite.com
	Redirect permanent / https://yourwebsite.com/
	</VirtualHost>

	# Redirect www to non-www version of website on SSL (port 443) [OPTIONAL]
	<VirtualHost *:443>
	ServerName www.yourwebsite.com
	Redirect permanent / https://yourwebsite.com/
	</VirtualHost>

	# Main X3 website configuration on SSL without www
	<VirtualHost *:443>

	# Set serverName and DocumentRoot
	ServerName yourwebsite.com
	DocumentRoot /var/www/yourwebsite

	# X3 specific rules applied relative to X3 root directory
	<Directory /var/www/yourwebsite/>

	# Stop Apache from loading .htaccess files [OPTIONAL]
	AllowOverride None

	# RewriteEngine [REQUIRED]
	RewriteEngine On

	# Rewrite any calls to .html, .json, .xml, .atom, .rss if a folder matching exists [REQUIRED]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteRule (.+)\.(html\|json\|xml\|atom\|rss)$ $1/ [L]

	# Add a trailing slash to directories [OPTIONAL but recommended]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_URI} !(\.\|\?)
	RewriteCond %{REQUEST_URI} !(.*)/$
	RewriteRule ([^/]+)$ $1/ [L]

	# Rewrite any calls to /render to the image parser [REQUIRED]
	RewriteCond %{REQUEST_FILENAME} !-f [OR]
	RewriteCond %{QUERY_STRING} ^(?)debug($\|&)
	RewriteCond %{REQUEST_URI} render/
	RewriteRule ^render/. app/parsers/slir/index.php?$1 [L]

	# Rewrite routes to index.php if they are non-existent files/dirs [REQUIRED]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule ^(.*)/$ index.php?/$1/ [L,QSA]

	# Let Diagnostics know X3 is configured from server [OPTIONAL]
	<IfModule mod_env.c>
	SetEnv X3_SERVER_CONFIG On
	</IfModule>

	# Prevent X3 Diagnostics from showing server information [OPTIONAL]
	<IfModule mod_env.c>
	SetEnv X3_HIDE_DIAGNOSTICS On
	</IfModule>

	# Prevent folder directory listing [OPTIONAL]
	<IfModule mod_autoindex.c>
	Options -Indexes
	</IfModule>

	# unset etag (caching) [OPTIONAL]
	<IfModule mod_headers.c>
	Header unset ETag
	</IfModule>
	FileETag None

	# Increase cookie security (only if you are using PHP5) [OPTIONAL]
	<IfModule php5_module>
	php_value session.cookie_httponly true
	</IfModule>

	# Agressive caching headers [OPTIONAL]
	# Static assets set to be cached up to 10 years, while X3 application files should not cache.
	<IfModule mod_expires.c>
	ExpiresActive on
	ExpiresDefault "access plus 10 years"
	ExpiresByType text/html "access plus 0 seconds"
	ExpiresByType text/xml "access plus 3600 seconds"
	ExpiresByType application/xml "access plus 3600 seconds"
	</IfModule>

	# Immutable cache-control for static assets [OPTIONAL]
	<IfModule mod_headers.c>
	<Files ~ "\.(jpe?g\|png\|gif\|svg\|mp3\|mp4\|json\|css\|js)$">
	Header append Cache-Control "public, immutable"
	</Files>
	</IfModule>

	# Make sure you are using utf-8 default charset [OPTIONAL]
	AddDefaultCharset utf-8
	<IfModule mod_mime.c>
	AddCharset utf-8 .css .js .xml .json .rss .atom
	</IfModule>

	# Compress (deflate) text-based files [OPTIONAL]
	# Most of the below should already be configured by default on your server.
	<IfModule mod_deflate.c>
	<IfModule mod_filter.c>
	AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript
	AddOutputFilterByType DEFLATE text/css
	AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
	AddOutputFilterByType DEFLATE application/rss+xml
	AddOutputFilterByType DEFLATE application/xml
	AddOutputFilterByType DEFLATE application/json
	AddOutputFilterByType DEFLATE image/svg+xml
	</IfModule>
	</IfModule>

	</Directory>

	# Block direct access to some X3 PHP files with exceptions [OPTIONAL]
	<DirectoryMatch /var/www/yourwebsite/(app\|content)/>
	<Files *.php>
	Require all denied
	</Files>
	<FilesMatch "(index\|x3\.mailer\|x3\.api)\.php$">
	Require all granted
	</FilesMatch>
	</DirectoryMatch>

	# Block public web access to the X3 /config/ folder [REQUIRED] and /_cache/ folder [OPTIONAL]
	<DirectoryMatch /var/www/yourwebsite/(config\|_cache\|app/resources)/>
	Require all denied
	# For older Apache servers, uncomment and use the line below instead.
	# Deny from all
	</DirectoryMatch>

	</VirtualHost>