-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess
135 lines (97 loc) · 3.6 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
ServerSignature Off
Options -Indexes
Options FollowSymLinks
DirectoryIndex index.php
AddDefaultCharset UTF-8
php_value error_reporting "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT"
php_value memory_limit "600M"
php_value safe_mode 0
php_value register_globals 0
php_value track_vars 1
php_value short_open_tag 1
php_value magic_quotes_gpc 0
php_value magic_quotes_runtime 0
php_value magic_quotes_sybase 0
php_value arg_separator.output "&"
php_value upload_max_filesize "500M"
php_value post_max_size "500M"
php_value allow_call_time_pass_reference Off
php_value session.gc_maxlifetime 120960
php_value session.cookie_lifetime 120960
php_value session.cookie_httponly 1
php_value zlib.output_compression Off
php_value max_execution_time 600
php_value date.timezone "Europe/Moscow"
php_value expose_php off
<Files ~ "(\.(tpl|sql|log|cache|inc)|CVS)$">
order deny,allow
deny from all
</Files>
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
<IfModule mod_headers.c>
Header unset Server
Header always unset Server
Header unset X-Powered-By
Header always unset X-Powered-By
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options: "nosniff"
</IfModule>
<ifModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
AddOutputFilterByType DEFLATE text/xml application/xml application/xhtml+xml application/rss+xml
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon
</ifModule>
<ifModule mod_headers.c>
<FilesMatch "\.(js|css)$">
Header set Cache-Control "max-age=2592000"
#Header unset Last-Modified
</FilesMatch>
<FilesMatch "\.(flv|swf|ico|gif|jpg|jpeg|png)$">
Header set Cache-Control "max-age=2592000"
</FilesMatch>
<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
#ExpiresDefault "access plus 10 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
</IfModule>
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
FileETag None
<IfModule mod_rewrite.c>
RewriteEngine on
## http -> https
RewriteCond %{HTTPS} off
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
## https -> http
#RewriteCond %{HTTPS} on
#RewriteRule (.*) http://%{SERVER_NAME}%{REQUEST_URI} [L,R]
# remove last slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !index.php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*)?(.*) index.php?url=$1&%{QUERY_STRING}
RewriteCond %{REQUEST_FILENAME} !index.php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*) index.php?url=$1
</IfModule>