Created
April 23, 2024 08:28
-
-
Save sburlot/10cccff72fb7ab0005b0d684899b32c7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# I use this as a template to enable or disable features on websites. | |
# Not all are activated at the same time, check what you need | |
# | |
# Stephan Burlot coriolis.ch Apr 2024 | |
# | |
## Prevent user enumeration for WordPress | |
RewriteCond %{REQUEST_URI} !^/wp-admin [NC] | |
RewriteCond %{QUERY_STRING} author=\d | |
RewriteRule ^ - [L,R=403] | |
## Block Qwantify | |
## Qwantify doesn't respect the robots.txt file | |
RewriteEngine On | |
RewriteCond %{HTTP_USER_AGENT} Qwantify [NC] | |
RewriteRule .* - [F,L] | |
# Block AI bots | |
RewriteEngine On | |
RewriteCond %{HTTP_USER_AGENT} (AdsBot-Google|Amazonbot|anthropic-ai|Applebot|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot) [NC] | |
RewriteRule ^ – [F] | |
# BEGIN Expire headers for Caching | |
<IfModule mod_expires.c> | |
# Turn on the module. | |
ExpiresActive on | |
# Set the default expiry times. | |
ExpiresDefault "access plus 2 days" | |
ExpiresByType image/jpg "access plus 1 month" | |
ExpiresByType image/svg+xml "access 1 month" | |
ExpiresByType image/gif "access plus 1 month" | |
ExpiresByType image/jpeg "access plus 1 month" | |
ExpiresByType image/png "access plus 1 month" | |
ExpiresByType text/css "access plus 1 month" | |
ExpiresByType image/webp "access plus 1 month" | |
ExpiresByType text/javascript "access plus 1 month" | |
ExpiresByType application/javascript "access plus 1 month" | |
ExpiresByType image/ico "access plus 1 month" | |
ExpiresByType image/x-icon "access plus 1 month" | |
ExpiresByType text/html "access plus 600 seconds" | |
</IfModule> | |
# END Expire headers | |
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" | |
# prevent dot files (not needed with Infomaniak) | |
<FilesMatch "^\.(.*)$"> | |
Require all denied | |
</FilesMatch> | |
<DirectoryMatch "/\.(.*)"> | |
Require all denied | |
</DirectoryMatch> | |
# Redirect new domain | |
# When changing domain name from oldsite.ch to newsite.ch | |
# force a redirect to the new domain | |
RewriteEngine On | |
RewriteCond %{HTTP_HOST} !^newsite.ch$ [NC] | |
RewriteRule (.*) https://newsite.ch//$1 [R=301,L] | |
# prevent all accesses | |
# if you need to temporarily block access to your website | |
RewriteRule ^(.*)$ - [L,G] | |
# If you need to fully disable cache because customer doesnt know how to | |
# clear the browser cache | |
############# DISABLE CACHE | |
<IfModule mod_headers.c> | |
Header set Cache-Control "no-cache, no-store, must-revalidate" | |
Header set Pragma "no-cache" | |
Header set Expires 0 | |
</IfModule> | |
<FilesMatch "\.(css|flv|gif|htm|html|ico|jpe|jpeg|jpg|js|mp3|mp4|png|pdf|swf|txt)$"> | |
<IfModule mod_expires.c> | |
ExpiresActive Off | |
</IfModule> | |
<IfModule mod_headers.c> | |
FileETag None | |
Header unset ETag | |
Header unset Pragma | |
Header unset Cache-Control | |
Header unset Last-Modified | |
Header set Pragma "no-cache" | |
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" | |
Header set Expires "Thu, 1 Jan 1970 00:00:00 GMT" | |
</IfModule> | |
</FilesMatch> | |
############# /DISABLE CACHE |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment