-
Notifications
You must be signed in to change notification settings - Fork 1
/
.htaccess
executable file
·273 lines (228 loc) · 11.9 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
# ANTIMATTER STUDIOS HTACCESS FILE
#
# Easy install: You could search this file for (OPTIONAL) and read and change what it says
# Hard install: don't follow instructions and randomly change things until it works
# Very Hard install: Set computer on fire, blame your pet rabbit, even if you don't have one
#
# NOTE: I should refactor my .htaccess against the extra rules
# found in the h5bp .htaccess file, I think it'll help
#
# NOTE: I am partially copying rules as I find they are duplicated
# although this means I have to maintain the file over time,
# adding new things instead of automatically
#
# ----------------------------------------------------------------------
# Enable URL rewriting
# ----------------------------------------------------------------------
RewriteEngine On
#
# ----------------------------------------------------------------------
# Some basic variables that you can change here to affect the rest
# of the htaccess file without digging around for the properties
# ----------------------------------------------------------------------
RewriteRule ^(.*) - [E=__SCRIPT__:__website/amslib_router.php]
# enable debugging when you're on any specific domain
RewriteRule ^(.*) - [E=ENABLE_DEBUG:0]
#RewriteCond %{HTTP_HOST} testing.mydomain.com$
#RewriteRule ^(.*) - [E=ENABLE_DEBUG:1]
# ----------------------------------------------------------------------
# without -MultiViews, Apache will give a 404 for a rewrite if a
# folder of the same name does not exist
# e.g. /blog/hello : webmasterworld.com/apache/3808792.htm
# ----------------------------------------------------------------------
Options +FollowSymlinks -MultiViews
# -----------------------------------------------------------------------
# Don't attempt to manipulate images, javascripts or stylesheets
# -----------------------------------------------------------------------
RewriteCond %{REQUEST_FILENAME} (gif|png|jpg|jpeg|ico|css|js|xml|pdf)$ [NC]
RewriteRule ^(.*)$ - [L]
# -----------------------------------------------------------------------
# Set the __WEBSITE_ROOT__ variable depending on the installation location
# -----------------------------------------------------------------------
# First default this environment variable to the root
RewriteRule ^(.*) - [E=__WEBSITE_ROOT__:/]
# Then, if a path is found, reset the variable to that path
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
RewriteRule ^(.*) - [E=__WEBSITE_ROOT__:%1/]
# -----------------------------------------------------------------------
# Make sure the URL ends with a slash
# -----------------------------------------------------------------------
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !webservice [NC]
RewriteRule ^(.*)([^/])$ %{ENV:__WEBSITE_ROOT__}$1$2/ [L,R=301]
# ------------------------------------------------------------------------------
# | Removing the "www." at the beginning of URLs |
# ------------------------------------------------------------------------------
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# ##############################################################################
# # PHP #
# # Enable php errors. #
# # from: http://perishablepress.com/press/2008/01/14/advanced-php-error-handling-via-htaccess/
# ##############################################################################
#php_flag display_startup_errors off
#php_flag display_errors off
php_flag html_errors on
php_flag log_errors on
php_flag ignore_repeated_errors off
php_flag ignore_repeated_source off
php_flag report_memleaks on
php_flag track_errors on
php_value docref_root 0
php_value docref_ext 0
php_value error_reporting -1
php_value log_errors_max_len 0
# -----------------------------------------------------------------------
# Set the PHP session timeout to be 1 hour
# -----------------------------------------------------------------------
php_value session.gc.maxlifetime 3600
# ##############################################################################
# # CROSS-ORIGIN RESOURCE SHARING (CORS) #
# ##############################################################################
# ------------------------------------------------------------------------------
# | Cross-domain AJAX requests |
# ------------------------------------------------------------------------------
# Enable cross-origin AJAX requests.
# http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity
# http://enable-cors.org/
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
# ------------------------------------------------------------------------------
# | CORS-enabled images |
# ------------------------------------------------------------------------------
# Send the CORS header for images when browsers request it.
# https://developer.mozilla.org/en/CORS_Enabled_Image
# http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
# http://hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
<FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
</IfModule>
# ------------------------------------------------------------------------------
# | Web fonts access |
# ------------------------------------------------------------------------------
# Allow access from all domains for web fonts
<IfModule mod_headers.c>
<FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
# ##############################################################################
# # INTERNET EXPLORER #
# ##############################################################################
# ------------------------------------------------------------------------------
# | Better website experience |
# ------------------------------------------------------------------------------
# Force IE to render pages in the highest available mode in the various
# cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf.
# Use, if installed, Google Chrome Frame.
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge,chrome=1"
# `mod_headers` can't match based on the content-type, however, we only
# want to send this header for HTML pages and not for the other resources
<FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
# ##############################################################################
# # MIME TYPES AND ENCODING #
# ##############################################################################
# ------------------------------------------------------------------------------
# | Proper MIME types for all files |
# ------------------------------------------------------------------------------
<IfModule mod_mime.c>
# Audio
AddType audio/mp4 m4a f4a f4b
AddType audio/ogg oga ogg
# JavaScript
# Normalize to standard type (it's sniffed in IE anyways):
# http://tools.ietf.org/html/rfc4329#section-7.2
AddType application/javascript js jsonp
AddType application/json json
# Video
AddType video/mp4 mp4 m4v f4v f4p
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
# Web fonts
AddType application/font-woff woff
AddType application/vnd.ms-fontobject eot
# Browsers usually ignore the font MIME types and sniff the content,
# however, Chrome shows a warning if other MIME types are used for the
# following fonts.
AddType application/x-font-ttf ttc ttf
AddType font/opentype otf
# Make SVGZ fonts work on iPad:
# https://twitter.com/FontSquirrel/status/14855840545
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
# Other
AddType application/octet-stream safariextz
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-shockwave-flash swf
AddType application/x-web-app-manifest+json webapp
AddType application/x-xpinstall xpi
AddType application/xml atom rdf rss xml
AddType image/webp webp
AddType image/x-icon ico
AddType text/cache-manifest appcache manifest
AddType text/vtt vtt
AddType text/x-component htc
AddType text/x-vcard vcf
</IfModule>
# ------------------------------------------------------------------------------
# | UTF-8 encoding |
# ------------------------------------------------------------------------------
# Use UTF-8 encoding for anything served as `text/html` or `text/plain`.
AddDefaultCharset utf-8
# Force UTF-8 for certain file formats.
<IfModule mod_mime.c>
AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml
</IfModule>
# -----------------------------------------------------------------------
# A list of forbidden resources
# -----------------------------------------------------------------------
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh|sql|settings|gitignore|project|package.xml)$">
Order Allow,Deny
Deny from all
</FilesMatch>
RewriteRule amslib_router.xml - [F]
RewriteRule admin_panel.xml - [F]
RewriteRule sample.admin_panel.xml - [F]
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Block access to hidden files and directories.
# This includes directories used by version control systems such as Git and SVN.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Block access to backup and source files.
# These files may be left by some text editors and can pose a great security
# danger when anyone has access to them.
<FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# interesting, so I can block everybody but me?
# lets keep this here and look at it later on to see what I can do with it.
#<Files ~ "\.inc$">
# Order allow,deny
# Deny from all
# Allow from .mydomain.com
#</Files>
# Perhaps you need to comment out -d from here or not, depends on your website
RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !%{ENV:__SCRIPT__}$ [NC]
RewriteRule ^(.*)$ %{ENV:__WEBSITE_ROOT__}%{ENV:__SCRIPT__}?__WEBSITE_ROOT__=%{ENV:__WEBSITE_ROOT__} [L,QSA]