schmidt1024/.htaccess

## .htaccess
# Redirect http to https
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

# Browser Caching
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresDefault "access 5 seconds"
  ExpiresByType image/jpg "access 1 month"
  ExpiresByType image/jpeg "access 1 month"
  ExpiresByType image/gif "access 1 month"
  ExpiresByType image/png "access 1 month"
  ExpiresByType image/ico "access 1 month"
  ExpiresByType image/x-icon "access 1 month"
  ExpiresByType text/css "access plus 1 day"
  ExpiresByType text/javascript "access 1 month"
  ExpiresByType application/javascript "access 1 month"
  ExpiresByType application/x-javascript "access 1 month"
  ExpiresByType application/x-shockwave-flash "access 1 month"
</IfModule>

# Alternative Caching
<IfModule mod_headers.c>
  Header append Cache-Control "public"
  Header append Vary Accept-Encoding
  Header set Connection keep-alive
  Header unset ETag
  FileETag None
</IfModule>

# gzip compression
<IfModule mod_deflate.c>
  SetOutputFilter DEFLATE
</IfModule>

# No access to install.php
<files install.php>
  Order allow,deny
  Deny from all
</files>

# No access to wp-config.php
<files wp-config.php>
  Order allow,deny
  Deny from all
</files>

# No access to .htaccess and .htpasswd
<FilesMatch "(\.htaccess|\.htpasswd)">
  Order deny,allow
  Deny from all
</FilesMatch>

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
	# Redirect http to https
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{HTTPS} !=on
	RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
	</IfModule>

	# Browser Caching
	<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresDefault "access 5 seconds"
	ExpiresByType image/jpg "access 1 month"
	ExpiresByType image/jpeg "access 1 month"
	ExpiresByType image/gif "access 1 month"
	ExpiresByType image/png "access 1 month"
	ExpiresByType image/ico "access 1 month"
	ExpiresByType image/x-icon "access 1 month"
	ExpiresByType text/css "access plus 1 day"
	ExpiresByType text/javascript "access 1 month"
	ExpiresByType application/javascript "access 1 month"
	ExpiresByType application/x-javascript "access 1 month"
	ExpiresByType application/x-shockwave-flash "access 1 month"
	</IfModule>

	# Alternative Caching
	<IfModule mod_headers.c>
	Header append Cache-Control "public"
	Header append Vary Accept-Encoding
	Header set Connection keep-alive
	Header unset ETag
	FileETag None
	</IfModule>

	# gzip compression
	<IfModule mod_deflate.c>
	SetOutputFilter DEFLATE
	</IfModule>

	# No access to install.php
	<files install.php>
	Order allow,deny
	Deny from all
	</files>

	# No access to wp-config.php
	<files wp-config.php>
	Order allow,deny
	Deny from all
	</files>

	# No access to .htaccess and .htpasswd
	<FilesMatch "(\.htaccess\|\.htpasswd)">
	Order deny,allow
	Deny from all
	</FilesMatch>

	# BEGIN WordPress
	# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
	# dynamically generated, and should only be modified via WordPress filters.
	# Any changes to the directives between these markers will be overwritten.
	<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
	RewriteBase /
	RewriteRule ^index\.php$ - [L]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule . /index.php [L]
	</IfModule>