-
-
Save serverok/5d43d99d4af1d873b31aa816fb186b0b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Optional override of deployment mode. We recommend you use the | |
## command bin/magento deploy:mode:set to switch modes instead | |
# Options are default, production, or developer | |
# SetEnv MAGE_MODE default | |
############################################ | |
## Uncomment these lines for CGI mode. | |
## Make sure to specify the correct cgi php binary file name | |
## it might be /cgi-bin/php-cgi | |
# Action php5-cgi /cgi-bin/php5-cgi | |
# AddHandler php5-cgi .php | |
############################################ | |
## GoDaddy specific options | |
#Options -MultiViews | |
## You might also need to add this line to php.ini | |
## cgi.fix_pathinfo = 1 | |
## If it still doesn't work, rename php.ini to php5.ini | |
############################################ | |
## This line is specific for 1and1 hosting | |
#AddType x-mapp-php5 .php | |
#AddHandler x-mapp-php5 .php | |
############################################ | |
## Default index file | |
DirectoryIndex index.php | |
<IfModule mod_php5.c> | |
############################################ | |
## Adjust memory limit | |
php_value memory_limit 756M | |
php_value max_execution_time 18000 | |
############################################ | |
## Disable automatic session start | |
## before autoload was initialized | |
php_flag session.auto_start off | |
############################################ | |
## Enable resulting html compression | |
#php_flag zlib.output_compression on | |
########################################### | |
# Disable user agent verification to not break multiple image upload | |
php_flag suhosin.session.cryptua off | |
</IfModule> | |
<IfModule mod_php7.c> | |
############################################ | |
## Adjust memory limit | |
php_value memory_limit 756M | |
php_value max_execution_time 18000 | |
############################################ | |
## Disable automatic session start | |
## before autoload was initialized | |
php_flag session.auto_start off | |
############################################ | |
## Enable resulting html compression | |
#php_flag zlib.output_compression on | |
########################################### | |
# Disable user agent verification to not break multiple image upload | |
php_flag suhosin.session.cryptua off | |
</IfModule> | |
<IfModule mod_security.c> | |
########################################### | |
# Disable POST processing to not break multiple image upload | |
SecFilterEngine Off | |
SecFilterScanPOST Off | |
</IfModule> | |
<IfModule mod_deflate.c> | |
############################################ | |
## Enable apache served files compression | |
## http://developer.yahoo.com/performance/rules.html#gzip | |
# Insert filter on all content | |
###SetOutputFilter DEFLATE | |
# Insert filter on selected content types only | |
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript | |
# Netscape 4.x has some problems... | |
#BrowserMatch ^Mozilla/4 gzip-only-text/html | |
# Netscape 4.06-4.08 have some more problems | |
#BrowserMatch ^Mozilla/4\.0[678] no-gzip | |
# MSIE masquerades as Netscape, but it is fine | |
#BrowserMatch \bMSIE !no-gzip !gzip-only-text/html | |
# Don't compress images | |
#SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary | |
# Make sure proxies don't deliver the wrong content | |
#Header append Vary User-Agent env=!dont-vary | |
</IfModule> | |
<IfModule mod_ssl.c> | |
############################################ | |
## Make HTTPS env vars available for CGI mode | |
SSLOptions StdEnvVars | |
</IfModule> | |
<IfModule mod_rewrite.c> | |
############################################ | |
## Enable rewrites | |
Options +FollowSymLinks | |
RewriteEngine on | |
############################################ | |
## You can put here your magento root folder | |
## path relative to web root | |
#RewriteBase /magento/ | |
############################################ | |
## Workaround for HTTP authorization | |
## in CGI environment | |
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |
############################################ | |
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks | |
RewriteCond %{REQUEST_METHOD} ^TRAC[EK] | |
RewriteRule .* - [L,R=405] | |
############################################ | |
## Never rewrite for existing files, directories and links | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteCond %{REQUEST_FILENAME} !-l | |
############################################ | |
## Rewrite everything else to index.php | |
RewriteRule .* index.php [L] | |
</IfModule> | |
############################################ | |
## Prevent character encoding issues from server overrides | |
## If you still have problems, use the second line instead | |
AddDefaultCharset Off | |
#AddDefaultCharset UTF-8 | |
<IfModule mod_expires.c> | |
############################################ | |
## Add default Expires header | |
## http://developer.yahoo.com/performance/rules.html#expires | |
ExpiresDefault "access plus 1 year" | |
ExpiresByType text/html A0 | |
ExpiresByType text/plain A0 | |
</IfModule> | |
########################################### | |
## Deny access to release notes to prevent disclosure of the installed Magento version | |
<Files RELEASE_NOTES.txt> | |
<IfVersion < 2.4> | |
order allow,deny | |
deny from all | |
</IfVersion> | |
<IfVersion >= 2.4> | |
Require all denied | |
</IfVersion> | |
</Files> | |
# For 404s and 403s that aren't handled by the application, show plain 404 response | |
ErrorDocument 404 /errors/404.php | |
ErrorDocument 403 /errors/404.php | |
############################################ | |
## If running in cluster environment, uncomment this | |
## http://developer.yahoo.com/performance/rules.html#etags | |
#FileETag none | |
########################################### | |
## Deny access to cron.php | |
<Files cron.php> | |
<IfVersion < 2.4> | |
order allow,deny | |
deny from all | |
</IfVersion> | |
<IfVersion >= 2.4> | |
Require all denied | |
</IfVersion> | |
</Files> | |
<IfModule mod_headers.c> | |
############################################ | |
## Prevent clickjacking | |
Header set X-Frame-Options SAMEORIGIN | |
</IfModule> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment