postpostmodern/404.html

## 404.html
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Page Not Found</title>
  <style type="text/css" media="screen">
    body {
      background: #f0f0f0;
      font: normal 18px sans-serif;
      width: 400px;
      margin: 50px auto;
    }
    h1 {
      font-size: 120%;
    }
    .more-info {
      font-size: 80%;
      background: white;
      padding: 10px 20px;
    }
  </style>
</head>
<body>
  <h1>Are you lost?</h1>
  <p>The page you were looking for is somewhere else, or perhaps it does not exist at all.</p>
  <p>Try <a href="/">the home page</a> and see if you can get back on track.</p>
  <div class="more-info">
    <h1>Did you know?</h1>
    <p>This is what we in the business call a <b>404 error</b>. Web servers have their own
      codes – kinda like police. Your browser usually knows what to do with these codes. <b>404</b> is the http code for "page not found."</p>
    <p>There are tons of codes. Most of the time, you get a <b>200</b>, which is not an error. <b>200</b> is the code for "OK."
      Anything in the 200 range is usually pretty good.</p>
    <p>The <b>300's</b> are when you get redirected to another page automatically.</p>
    <p>The <b>400's</b> mean you did something wrong like <b>404 Not Found</b> or <b>401 Unauthorized</b>. <b>418</b> means you reached a <b>teapot</b> instead
      of a web server. That's always embarrasing.</p>
    <p>Finally, the <b>500's</b> mean the server did something wrong. Those are usually out of your control.</p>
    <p><a href="http://en.wikipedia.org/wiki/List_of_HTTP_status_codes">See Wikipedia for more info.</a></p>
  </div>
</body>
</html>

## 404.html
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Page Not Found</title>
  <style type="text/css" media="screen">
    body {
      background: #f0f0f0;
      font: normal 18px sans-serif;
      width: 400px;
      margin: 50px auto;
    }
    h1 {
      font-size: 120%;
    }
    .more-info {
      font-size: 80%;
      background: white;
      padding: 10px 20px;
    }
  </style>
</head>
<body>
  <h1>Are you lost?</h1>
  <p>The page you were looking for is somewhere else, or perhaps it does not exist at all.</p>
  <p>Try <a href="/">the home page</a> and see if you can get back on track.</p>
  <div class="more-info">
    <h1>Did you know?</h1>
    <p>This is what we in the business call a <b>404 error</b>. Web servers have their own
      codes – kinda like police. Your browser usually knows what to do with these codes. <b>404</b> is the http code for "page not found."</p>
    <p>There are tons of codes. Most of the time, you get a <b>200</b>, which is not an error. <b>200</b> is the code for "OK."
      Anything in the 200 range is usually pretty good.</p>
    <p>The <b>300's</b> are when you get redirected to another page automatically.</p>
    <p>The <b>400's</b> mean you did something wrong like <b>404 Not Found</b> or <b>401 Unauthorized</b>. <b>418</b> means you reached a <b>teapot</b> instead
      of a web server. That's always embarrasing.</p>
    <p>Finally, the <b>500's</b> mean the server did something wrong. Those are usually out of your control.</p>
    <p><a href="http://en.wikipedia.org/wiki/List_of_HTTP_status_codes">See Wikipedia for more info.</a></p>
  </div>
</body>
</html>

## httpd.conf
ServerName www.example.com
ServerAdmin webmaster@example.com

# Uncomment the NameVirtualHost stuff if it's not in your ports.conf

NameVirtualHost *:80
<IfModule mod_ssl.c>
    NameVirtualHost *:443
</IfModule>

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 60

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 200

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 3

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
    StartServers          3
    MinSpareServers       2
    MaxSpareServers       3
    MaxClients           50
    MaxRequestsPerChild   0
</IfModule>

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" iocombined

# Protect svn directories
<DirectoryMatch "^/.*/(\.svn|CVS)/">
  Order deny,allow
  Deny from all
</DirectoryMatch>

# For server-wide error pages
Alias /error/ /var/www/errors/

<Directory "/var/www/sites">
        ErrorDocument 404 /error/404.html
</Directory>
<Directory "/var/www/errors">
        AllowOverride All
        Options SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
        AcceptPathInfo On
</Directory>

Alias /maintenance "/var/www/maintenance"

# AliasMatch (?i)^/(cms|wp-admin|director/index\.php)(.*) /var/www/maintenance/index.html

<Directory "/var/www/sites">

  # ===================================================== #
  #    The following config settings are taken from       #
  #         the HTML5 Boilerplate template at             #
  #             http://html5boilerplate.com/              #
  # ===================================================== #

  # ----------------------------------------------------------------------
  # | Cross-origin images                                                |
  # ----------------------------------------------------------------------

  # Send the CORS header for images when browsers request it.
  #
  # https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_enabled_image
  # https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html

  <IfModule mod_setenvif.c>
      <IfModule mod_headers.c>
          <FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
              SetEnvIf Origin ":" IS_CORS
              Header set Access-Control-Allow-Origin "*" env=IS_CORS
          </FilesMatch>
      </IfModule>
  </IfModule>

  # ----------------------------------------------------------------------
  # | Cross-origin web fonts                                             |
  # ----------------------------------------------------------------------

  # Allow cross-origin access to web fonts.

  <IfModule mod_headers.c>
      <FilesMatch "\.(eot|otf|tt[cf]|woff2?)$">
          Header set Access-Control-Allow-Origin "*"
      </FilesMatch>
  </IfModule>

  # ----------------------------------------------------------------------
  # | Error prevention                                                   |
  # ----------------------------------------------------------------------

  # Disable the pattern matching based on filenames.
  #
  # This setting prevents Apache from returning a 404 error as the result
  # of a rewrite when the directory with the same name does not exist.
  #
  # https://httpd.apache.org/docs/current/content-negotiation.html#multiviews

  Options -MultiViews

  # ######################################################################
  # # MEDIA TYPES AND CHARACTER ENCODINGS                                #
  # ######################################################################

  # ----------------------------------------------------------------------
  # | Media types                                                        |
  # ----------------------------------------------------------------------

  # Serve resources with the proper media types (f.k.a. MIME types).
  #
  # https://www.iana.org/assignments/media-types/media-types.xhtml
  # https://httpd.apache.org/docs/current/mod/mod_mime.html#addtype

  <IfModule mod_mime.c>

    # Data interchange

      AddType application/atom+xml                        atom
      AddType application/json                            json map topojson
      AddType application/ld+json                         jsonld
      AddType application/rss+xml                         rss
      AddType application/vnd.geo+json                    geojson
      AddType application/xml                             rdf xml


    # JavaScript

      # Normalize to standard type.
      # https://tools.ietf.org/html/rfc4329#section-7.2

      AddType application/javascript                      js


    # Manifest files

      AddType application/manifest+json                   webmanifest
      AddType application/x-web-app-manifest+json         webapp
      AddType text/cache-manifest                         appcache


    # Media files

      AddType audio/mp4                                   f4a f4b m4a
      AddType audio/ogg                                   oga ogg opus
      AddType image/bmp                                   bmp
      AddType image/svg+xml                               svg svgz
      AddType image/webp                                  webp
      AddType video/mp4                                   f4v f4p m4v mp4
      AddType video/ogg                                   ogv
      AddType video/webm                                  webm
      AddType video/x-flv                                 flv

      # Serving `.ico` image files with a different media type
      # prevents Internet Explorer from displaying then as images:
      # https://github.com/h5bp/html5-boilerplate/commit/37b5fec090d00f38de64b591bcddcb205aadf8ee

      AddType image/x-icon                                cur ico


    # Web fonts

      AddType application/font-woff                       woff
      AddType application/font-woff2                      woff2
      AddType application/vnd.ms-fontobject               eot

      # Browsers usually ignore the font media types and simply sniff
      # the bytes to figure out the font type.
      # https://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
      #
      # However, Blink and WebKit based browsers will show a warning
      # in the console if the following font types are served with any
      # other media types.

      AddType application/x-font-ttf                      ttc ttf
      AddType font/opentype                               otf


    # Other

      AddType application/octet-stream                    safariextz
      AddType application/x-bb-appworld                   bbaw
      AddType application/x-chrome-extension              crx
      AddType application/x-opera-extension               oex
      AddType application/x-xpinstall                     xpi
      AddType text/vcard                                  vcard vcf
      AddType text/vnd.rim.location.xloc                  xloc
      AddType text/vtt                                    vtt
      AddType text/x-component                            htc

  </IfModule>

  # ----------------------------------------------------------------------
  # | Character encodings                                                |
  # ----------------------------------------------------------------------

  # Serve all resources labeled as `text/html` or `text/plain`
  # with the media type `charset` parameter set to `UTF-8`.
  #
  # https://httpd.apache.org/docs/current/mod/core.html#adddefaultcharset

  AddDefaultCharset utf-8

  # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  # Serve the following file types with the media type `charset`
  # parameter set to `UTF-8`.
  #
  # https://httpd.apache.org/docs/current/mod/mod_mime.html#addcharset

  <IfModule mod_mime.c>
      AddCharset utf-8 .atom \
                       .bbaw \
                       .css \
                       .geojson \
                       .js \
                       .json \
                       .jsonld \
                       .manifest \
                       .rdf \
                       .rss \
                       .topojson \
                       .vtt \
                       .webapp \
                       .webmanifest \
                       .xloc \
                       .xml
  </IfModule>


  # ######################################################################
  # # REWRITES                                                           #
  # ######################################################################

  # ----------------------------------------------------------------------
  # | Rewrite engine                                                     |
  # ----------------------------------------------------------------------

  # (1) Turn on the rewrite engine (this is necessary in order for
  #     the `RewriteRule` directives to work).
  #
  #     https://httpd.apache.org/docs/current/mod/mod_rewrite.html#RewriteEngine
  #
  # (2) Enable the `FollowSymLinks` option if it isn't already.
  #
  #     https://httpd.apache.org/docs/current/mod/core.html#options
  #
  # (3) If your web host doesn't allow the `FollowSymlinks` option,
  #     you need to comment it out or remove it, and then uncomment
  #     the `Options +SymLinksIfOwnerMatch` line (4), but be aware
  #     of the performance impact.
  #
  #     https://httpd.apache.org/docs/current/misc/perf-tuning.html#symlinks
  #
  # (4) Some cloud hosting services will require you set `RewriteBase`.
  #
  #     https://www.rackspace.com/knowledge_center/frequently-asked-question/why-is-modrewrite-not-working-on-my-site
  #     https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
  #
  # (5) Depending on how your server is set up, you may also need to
  #     use the `RewriteOptions` directive to enable some options for
  #     the rewrite engine.
  #
  #     https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriteoptions
  #
  # (6) Set %{ENV:PROTO} variable, to allow rewrites to redirect with the
  #     appropriate schema automatically (http or https).

  <IfModule mod_rewrite.c>

      # (1)
      RewriteEngine On

      # (2)
      Options +FollowSymlinks

      # (3)
      # Options +SymLinksIfOwnerMatch

      # (4)
      # RewriteBase /

      # (5)
      # RewriteOptions <options>

      # (6)
      RewriteCond %{HTTPS} =on
      RewriteRule ^ - [env=proto:https]
      RewriteCond %{HTTPS} !=on
      RewriteRule ^ - [env=proto:http]

  </IfModule>

  # ----------------------------------------------------------------------
  # | File access                                                        |
  # ----------------------------------------------------------------------

  # Block access to directories without a default document.
  #
  # You should leave the following uncommented, as you shouldn't allow
  # anyone to surf through every directory on your server (which may
  # includes rather private places such as the CMS's directories).

  <IfModule mod_autoindex.c>
      Options -Indexes
  </IfModule>

  # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  # Block access to all hidden files and directories with the exception of
  # the visible content from within the `/.well-known/` hidden directory.
  #
  # These types of files usually contain user preferences or the preserved
  # state of an utility, and can include rather private places like, for
  # example, the `.git` or `.svn` directories.
  #
  # The `/.well-known/` directory represents the standard (RFC 5785) path
  # prefix for "well-known locations" (e.g.: `/.well-known/manifest.json`,
  # `/.well-known/keybase.txt`), and therefore, access to its visible
  # content should not be blocked.
  #
  # https://www.mnot.net/blog/2010/04/07/well-known
  # https://tools.ietf.org/html/rfc5785

  <IfModule mod_rewrite.c>
      RewriteEngine On
      RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
      RewriteCond %{SCRIPT_FILENAME} -d [OR]
      RewriteCond %{SCRIPT_FILENAME} -f
      RewriteRule "(^|/)\." - [F]
  </IfModule>

  # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  # Block access to files that can expose sensitive information.
  #
  # By default, block access to backup and source files that may be
  # left by some text editors and can pose a security risk when anyone
  # has access to them.
  #
  # http://feross.org/cmsploit/
  #
  # (!) Update the `<FilesMatch>` regular expression from below to
  # include any files that might end up on your production server and
  # can expose sensitive information about your website. These files may
  # include: configuration files, files that contain metadata about the
  # project (e.g.: project dependencies), build scripts, etc..

  <FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$">

      # Apache < 2.3
      <IfModule !mod_authz_core.c>
          Order allow,deny
          Deny from all
          Satisfy All
      </IfModule>

      # Apache ≥ 2.3
      <IfModule mod_authz_core.c>
          Require all denied
      </IfModule>

  </FilesMatch>


  # ######################################################################
  # # WEB PERFORMANCE                                                    #
  # ######################################################################

  # ----------------------------------------------------------------------
  # | Compression                                                        |
  # ----------------------------------------------------------------------

  <IfModule mod_deflate.c>

      # Force compression for mangled `Accept-Encoding` request headers
      # https://developer.yahoo.com/blogs/ydn/pushing-beyond-gzipping-25601.html

      <IfModule mod_setenvif.c>
          <IfModule mod_headers.c>
              SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
              RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
          </IfModule>
      </IfModule>

      # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      # Compress all output labeled with one of the following media types.
      #
      # (!) For Apache versions below version 2.3.7 you don't need to
      # enable `mod_filter` and can remove the `<IfModule mod_filter.c>`
      # and `</IfModule>` lines as `AddOutputFilterByType` is still in
      # the core directives.
      #
      # https://httpd.apache.org/docs/current/mod/mod_filter.html#addoutputfilterbytype

      <IfModule mod_filter.c>
          AddOutputFilterByType DEFLATE "application/atom+xml" \
                                        "application/javascript" \
                                        "application/json" \
                                        "application/ld+json" \
                                        "application/manifest+json" \
                                        "application/rdf+xml" \
                                        "application/rss+xml" \
                                        "application/schema+json" \
                                        "application/vnd.geo+json" \
                                        "application/vnd.ms-fontobject" \
                                        "application/x-font-ttf" \
                                        "application/x-javascript" \
                                        "application/x-web-app-manifest+json" \
                                        "application/xhtml+xml" \
                                        "application/xml" \
                                        "font/eot" \
                                        "font/opentype" \
                                        "image/bmp" \
                                        "image/svg+xml" \
                                        "image/vnd.microsoft.icon" \
                                        "image/x-icon" \
                                        "text/cache-manifest" \
                                        "text/css" \
                                        "text/html" \
                                        "text/javascript" \
                                        "text/plain" \
                                        "text/vcard" \
                                        "text/vnd.rim.location.xloc" \
                                        "text/vtt" \
                                        "text/x-component" \
                                        "text/x-cross-domain-policy" \
                                        "text/xml"

      </IfModule>

      # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      # Map the following filename extensions to the specified
      # encoding type in order to make Apache serve the file types
      # with the appropriate `Content-Encoding` response header
      # (do note that this will NOT make Apache compress them!).
      #
      # If these files types would be served without an appropriate
      # `Content-Enable` response header, client applications (e.g.:
      # browsers) wouldn't know that they first need to uncompress
      # the response, and thus, wouldn't be able to understand the
      # content.
      #
      # https://httpd.apache.org/docs/current/mod/mod_mime.html#addencoding

      <IfModule mod_mime.c>
          AddEncoding gzip              svgz
      </IfModule>

  </IfModule>

</Directory>

## index.html
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Site down for maintenance.</title>
  <style type="text/css" media="screen">
    body {
      background: #f0f0f0;
      font: normal 18px sans-serif;
      width: 400px;
      margin: 50px auto;
    }
    h1 {
      font-size: 120%;
    }
    .more-info {
      font-size: 80%;
      background: white;
      padding: 10px 20px;
    }
  </style>
</head>
<body>
  <h1>We are sorry. This site is currently down for maintenance.</h1>
  <p>Please check back soon.</p>
</body>
</html>

## index.html
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Site down for maintenance.</title>
  <style type="text/css" media="screen">
    body {
      background: #f0f0f0;
      font: normal 18px sans-serif;
      width: 400px;
      margin: 50px auto;
    }
    h1 {
      font-size: 120%;
    }
    .more-info {
      font-size: 80%;
      background: white;
      padding: 10px 20px;
    }
  </style>
</head>
<body>
  <h1>We are sorry. This site is currently down for maintenance.</h1>
  <p>Please check back soon.</p>
</body>
</html>
	<!doctype html>
	<html lang="en">
	<head>
	<meta charset="utf-8">
	<title>Page Not Found</title>
	<style type="text/css" media="screen">
	body {
	background: #f0f0f0;
	font: normal 18px sans-serif;
	width: 400px;
	margin: 50px auto;
	}
	h1 {
	font-size: 120%;
	}
	.more-info {
	font-size: 80%;
	background: white;
	padding: 10px 20px;
	}
	</style>
	</head>
	<body>
	<h1>Are you lost?</h1>
	<p>The page you were looking for is somewhere else, or perhaps it does not exist at all.</p>
	<p>Try <a href="/">the home page</a> and see if you can get back on track.</p>
	<div class="more-info">
	<h1>Did you know?</h1>
	<p>This is what we in the business call a <b>404 error</b>. Web servers have their own
	codes – kinda like police. Your browser usually knows what to do with these codes. <b>404</b> is the http code for "page not found."</p>
	<p>There are tons of codes. Most of the time, you get a <b>200</b>, which is not an error. <b>200</b> is the code for "OK."
	Anything in the 200 range is usually pretty good.</p>
	<p>The <b>300's</b> are when you get redirected to another page automatically.</p>
	<p>The <b>400's</b> mean you did something wrong like <b>404 Not Found</b> or <b>401 Unauthorized</b>. <b>418</b> means you reached a <b>teapot</b> instead
	of a web server. That's always embarrasing.</p>
	<p>Finally, the <b>500's</b> mean the server did something wrong. Those are usually out of your control.</p>
	<p><a href="http://en.wikipedia.org/wiki/List_of_HTTP_status_codes">See Wikipedia for more info.</a></p>
	</div>
	</body>
	</html>
	ServerName www.example.com
	ServerAdmin webmaster@example.com

	# Uncomment the NameVirtualHost stuff if it's not in your ports.conf

	NameVirtualHost *:80
	<IfModule mod_ssl.c>
	NameVirtualHost *:443
	</IfModule>

	#
	# Timeout: The number of seconds before receives and sends time out.
	#
	Timeout 60

	#
	# KeepAlive: Whether or not to allow persistent connections (more than
	# one request per connection). Set to "Off" to deactivate.
	#
	KeepAlive On

	#
	# MaxKeepAliveRequests: The maximum number of requests to allow
	# during a persistent connection. Set to 0 to allow an unlimited amount.
	# We recommend you leave this number high, for maximum performance.
	#
	MaxKeepAliveRequests 200

	#
	# KeepAliveTimeout: Number of seconds to wait for the next request from the
	# same client on the same connection.
	#
	KeepAliveTimeout 3

	# prefork MPM
	# StartServers: number of server processes to start
	# MinSpareServers: minimum number of server processes which are kept spare
	# MaxSpareServers: maximum number of server processes which are kept spare
	# MaxClients: maximum number of server processes allowed to start
	# MaxRequestsPerChild: maximum number of requests a server process serves
	<IfModule mpm_prefork_module>
	StartServers 3
	MinSpareServers 2
	MaxSpareServers 3
	MaxClients 50
	MaxRequestsPerChild 0
	</IfModule>

	#
	# ServerTokens
	# This directive configures what you return as the Server HTTP response
	# Header. The default is 'Full' which sends information about the OS-Type
	# and compiled in modules.
	# Set to one of: Full \| OS \| Minor \| Minimal \| Major \| Prod
	# where Full conveys the most information, and Prod the least.
	#
	ServerTokens Prod

	LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" iocombined

	# Protect svn directories
	<DirectoryMatch "^/.*/(\.svn\|CVS)/">
	Order deny,allow
	Deny from all
	</DirectoryMatch>

	# For server-wide error pages
	Alias /error/ /var/www/errors/

	<Directory "/var/www/sites">
	ErrorDocument 404 /error/404.html
	</Directory>
	<Directory "/var/www/errors">
	AllowOverride All
	Options SymLinksIfOwnerMatch
	Order allow,deny
	Allow from all
	AcceptPathInfo On
	</Directory>

	Alias /maintenance "/var/www/maintenance"

	# AliasMatch (?i)^/(cms\|wp-admin\|director/index\.php)(.*) /var/www/maintenance/index.html

	<Directory "/var/www/sites">

	# ===================================================== #
	# The following config settings are taken from #
	# the HTML5 Boilerplate template at #
	# http://html5boilerplate.com/ #
	# ===================================================== #

	# ----------------------------------------------------------------------
	# \| Cross-origin images \|
	# ----------------------------------------------------------------------

	# Send the CORS header for images when browsers request it.
	#
	# https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_enabled_image
	# https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html

	<IfModule mod_setenvif.c>
	<IfModule mod_headers.c>
	<FilesMatch "\.(bmp\|cur\|gif\|ico\|jpe?g\|png\|svgz?\|webp)$">
	SetEnvIf Origin ":" IS_CORS
	Header set Access-Control-Allow-Origin "*" env=IS_CORS
	</FilesMatch>
	</IfModule>
	</IfModule>

	# ----------------------------------------------------------------------
	# \| Cross-origin web fonts \|
	# ----------------------------------------------------------------------

	# Allow cross-origin access to web fonts.

	<IfModule mod_headers.c>
	<FilesMatch "\.(eot\|otf\|tt[cf]\|woff2?)$">
	Header set Access-Control-Allow-Origin "*"
	</FilesMatch>
	</IfModule>

	# ----------------------------------------------------------------------
	# \| Error prevention \|
	# ----------------------------------------------------------------------

	# Disable the pattern matching based on filenames.
	#
	# This setting prevents Apache from returning a 404 error as the result
	# of a rewrite when the directory with the same name does not exist.
	#
	# https://httpd.apache.org/docs/current/content-negotiation.html#multiviews

	Options -MultiViews

	# ######################################################################
	# # MEDIA TYPES AND CHARACTER ENCODINGS #
	# ######################################################################

	# ----------------------------------------------------------------------
	# \| Media types \|
	# ----------------------------------------------------------------------

	# Serve resources with the proper media types (f.k.a. MIME types).
	#
	# https://www.iana.org/assignments/media-types/media-types.xhtml
	# https://httpd.apache.org/docs/current/mod/mod_mime.html#addtype

	<IfModule mod_mime.c>

	# Data interchange

	AddType application/atom+xml atom
	AddType application/json json map topojson
	AddType application/ld+json jsonld
	AddType application/rss+xml rss
	AddType application/vnd.geo+json geojson
	AddType application/xml rdf xml


	# JavaScript

	# Normalize to standard type.
	# https://tools.ietf.org/html/rfc4329#section-7.2

	AddType application/javascript js


	# Manifest files

	AddType application/manifest+json webmanifest
	AddType application/x-web-app-manifest+json webapp
	AddType text/cache-manifest appcache


	# Media files

	AddType audio/mp4 f4a f4b m4a
	AddType audio/ogg oga ogg opus
	AddType image/bmp bmp
	AddType image/svg+xml svg svgz
	AddType image/webp webp
	AddType video/mp4 f4v f4p m4v mp4
	AddType video/ogg ogv
	AddType video/webm webm
	AddType video/x-flv flv

	# Serving `.ico` image files with a different media type
	# prevents Internet Explorer from displaying then as images:
	# https://github.com/h5bp/html5-boilerplate/commit/37b5fec090d00f38de64b591bcddcb205aadf8ee

	AddType image/x-icon cur ico


	# Web fonts

	AddType application/font-woff woff
	AddType application/font-woff2 woff2
	AddType application/vnd.ms-fontobject eot

	# Browsers usually ignore the font media types and simply sniff
	# the bytes to figure out the font type.
	# https://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
	#
	# However, Blink and WebKit based browsers will show a warning
	# in the console if the following font types are served with any
	# other media types.

	AddType application/x-font-ttf ttc ttf
	AddType font/opentype otf


	# Other

	AddType application/octet-stream safariextz
	AddType application/x-bb-appworld bbaw
	AddType application/x-chrome-extension crx
	AddType application/x-opera-extension oex
	AddType application/x-xpinstall xpi
	AddType text/vcard vcard vcf
	AddType text/vnd.rim.location.xloc xloc
	AddType text/vtt vtt
	AddType text/x-component htc

	</IfModule>

	# ----------------------------------------------------------------------
	# \| Character encodings \|
	# ----------------------------------------------------------------------

	# Serve all resources labeled as `text/html` or `text/plain`
	# with the media type `charset` parameter set to `UTF-8`.
	#
	# https://httpd.apache.org/docs/current/mod/core.html#adddefaultcharset

	AddDefaultCharset utf-8

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# Serve the following file types with the media type `charset`
	# parameter set to `UTF-8`.
	#
	# https://httpd.apache.org/docs/current/mod/mod_mime.html#addcharset

	<IfModule mod_mime.c>
	AddCharset utf-8 .atom \
	.bbaw \
	.css \
	.geojson \
	.js \
	.json \
	.jsonld \
	.manifest \
	.rdf \
	.rss \
	.topojson \
	.vtt \
	.webapp \
	.webmanifest \
	.xloc \
	.xml
	</IfModule>


	# ######################################################################
	# # REWRITES #
	# ######################################################################

	# ----------------------------------------------------------------------
	# \| Rewrite engine \|
	# ----------------------------------------------------------------------

	# (1) Turn on the rewrite engine (this is necessary in order for
	# the `RewriteRule` directives to work).
	#
	# https://httpd.apache.org/docs/current/mod/mod_rewrite.html#RewriteEngine
	#
	# (2) Enable the `FollowSymLinks` option if it isn't already.
	#
	# https://httpd.apache.org/docs/current/mod/core.html#options
	#
	# (3) If your web host doesn't allow the `FollowSymlinks` option,
	# you need to comment it out or remove it, and then uncomment
	# the `Options +SymLinksIfOwnerMatch` line (4), but be aware
	# of the performance impact.
	#
	# https://httpd.apache.org/docs/current/misc/perf-tuning.html#symlinks
	#
	# (4) Some cloud hosting services will require you set `RewriteBase`.
	#
	# https://www.rackspace.com/knowledge_center/frequently-asked-question/why-is-modrewrite-not-working-on-my-site
	# https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
	#
	# (5) Depending on how your server is set up, you may also need to
	# use the `RewriteOptions` directive to enable some options for
	# the rewrite engine.
	#
	# https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriteoptions
	#
	# (6) Set %{ENV:PROTO} variable, to allow rewrites to redirect with the
	# appropriate schema automatically (http or https).

	<IfModule mod_rewrite.c>

	# (1)
	RewriteEngine On

	# (2)
	Options +FollowSymlinks

	# (3)
	# Options +SymLinksIfOwnerMatch

	# (4)
	# RewriteBase /

	# (5)
	# RewriteOptions <options>

	# (6)
	RewriteCond %{HTTPS} =on
	RewriteRule ^ - [env=proto:https]
	RewriteCond %{HTTPS} !=on
	RewriteRule ^ - [env=proto:http]

	</IfModule>

	# ----------------------------------------------------------------------
	# \| File access \|
	# ----------------------------------------------------------------------

	# Block access to directories without a default document.
	#
	# You should leave the following uncommented, as you shouldn't allow
	# anyone to surf through every directory on your server (which may
	# includes rather private places such as the CMS's directories).

	<IfModule mod_autoindex.c>
	Options -Indexes
	</IfModule>

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# Block access to all hidden files and directories with the exception of
	# the visible content from within the `/.well-known/` hidden directory.
	#
	# These types of files usually contain user preferences or the preserved
	# state of an utility, and can include rather private places like, for
	# example, the `.git` or `.svn` directories.
	#
	# The `/.well-known/` directory represents the standard (RFC 5785) path
	# prefix for "well-known locations" (e.g.: `/.well-known/manifest.json`,
	# `/.well-known/keybase.txt`), and therefore, access to its visible
	# content should not be blocked.
	#
	# https://www.mnot.net/blog/2010/04/07/well-known
	# https://tools.ietf.org/html/rfc5785

	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{REQUEST_URI} "!(^\|/)\.well-known/([^./]+./?)+$" [NC]
	RewriteCond %{SCRIPT_FILENAME} -d [OR]
	RewriteCond %{SCRIPT_FILENAME} -f
	RewriteRule "(^\|/)\." - [F]
	</IfModule>

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# Block access to files that can expose sensitive information.
	#
	# By default, block access to backup and source files that may be
	# left by some text editors and can pose a security risk when anyone
	# has access to them.
	#
	# http://feross.org/cmsploit/
	#
	# (!) Update the `<FilesMatch>` regular expression from below to
	# include any files that might end up on your production server and
	# can expose sensitive information about your website. These files may
	# include: configuration files, files that contain metadata about the
	# project (e.g.: project dependencies), build scripts, etc..

	<FilesMatch "(^#.*#\|\.(bak\|conf\|dist\|fla\|in[ci]\|log\|psd\|sh\|sql\|sw[op])\|~)$">

	# Apache < 2.3
	<IfModule !mod_authz_core.c>
	Order allow,deny
	Deny from all
	Satisfy All
	</IfModule>

	# Apache ≥ 2.3
	<IfModule mod_authz_core.c>
	Require all denied
	</IfModule>

	</FilesMatch>


	# ######################################################################
	# # WEB PERFORMANCE #
	# ######################################################################

	# ----------------------------------------------------------------------
	# \| Compression \|
	# ----------------------------------------------------------------------

	<IfModule mod_deflate.c>

	# Force compression for mangled `Accept-Encoding` request headers
	# https://developer.yahoo.com/blogs/ydn/pushing-beyond-gzipping-25601.html

	<IfModule mod_setenvif.c>
	<IfModule mod_headers.c>
	SetEnvIfNoCase ^(Accept-EncodXng\|X-cept-Encoding\|X{15}\|~{15}\|-{15})$ ^((gzip\|deflate)\s,?\s)+\|[X~-]{4,13}$ HAVE_Accept-Encoding
	RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
	</IfModule>
	</IfModule>

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# Compress all output labeled with one of the following media types.
	#
	# (!) For Apache versions below version 2.3.7 you don't need to
	# enable `mod_filter` and can remove the `<IfModule mod_filter.c>`
	# and `</IfModule>` lines as `AddOutputFilterByType` is still in
	# the core directives.
	#
	# https://httpd.apache.org/docs/current/mod/mod_filter.html#addoutputfilterbytype

	<IfModule mod_filter.c>
	AddOutputFilterByType DEFLATE "application/atom+xml" \
	"application/javascript" \
	"application/json" \
	"application/ld+json" \
	"application/manifest+json" \
	"application/rdf+xml" \
	"application/rss+xml" \
	"application/schema+json" \
	"application/vnd.geo+json" \
	"application/vnd.ms-fontobject" \
	"application/x-font-ttf" \
	"application/x-javascript" \
	"application/x-web-app-manifest+json" \
	"application/xhtml+xml" \
	"application/xml" \
	"font/eot" \
	"font/opentype" \
	"image/bmp" \
	"image/svg+xml" \
	"image/vnd.microsoft.icon" \
	"image/x-icon" \
	"text/cache-manifest" \
	"text/css" \
	"text/html" \
	"text/javascript" \
	"text/plain" \
	"text/vcard" \
	"text/vnd.rim.location.xloc" \
	"text/vtt" \
	"text/x-component" \
	"text/x-cross-domain-policy" \
	"text/xml"

	</IfModule>

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# Map the following filename extensions to the specified
	# encoding type in order to make Apache serve the file types
	# with the appropriate `Content-Encoding` response header
	# (do note that this will NOT make Apache compress them!).
	#
	# If these files types would be served without an appropriate
	# `Content-Enable` response header, client applications (e.g.:
	# browsers) wouldn't know that they first need to uncompress
	# the response, and thus, wouldn't be able to understand the
	# content.
	#
	# https://httpd.apache.org/docs/current/mod/mod_mime.html#addencoding

	<IfModule mod_mime.c>
	AddEncoding gzip svgz
	</IfModule>

	</IfModule>

	</Directory>