-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
44 lines (37 loc) · 1.27 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
Options +FollowSymLinks
##Tweaks##
<IfModule mod_headers.c>
Header set X-Frame-Options SAMEORIGIN
</IfModule>
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 week"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"
</IfModule>
## EXPIRES CACHING ##
<IfModule mod_headers.c>
# 480 weeks
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=290304000, public, must-revalidate"
</FilesMatch>
# 2 DAYS
<FilesMatch "\.(xml|txt|js|css)$">
Header set Cache-Control "max-age=172800, public, must-revalidate"
</FilesMatch>
# 240 Secs
<FilesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=240, public, must-revalidate"
</FilesMatch>
</IfModule>
# Use HTTP Strict Transport Security to force client to use secure connections only
Header always set Strict-Transport-Security "max-age=300; includeSubDomains; preload"