-
-
Notifications
You must be signed in to change notification settings - Fork 213
/
e107.htaccess
126 lines (96 loc) · 4.03 KB
/
e107.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# Custom error pages for php scripts only
<FilesMatch \.php$>
ErrorDocument 400 /error.php?400
ErrorDocument 401 /error.php?401
ErrorDocument 403 /error.php?403
ErrorDocument 404 /error.php?404
ErrorDocument 500 /error.php?500
</FilesMatch>
### Performance
### AddDefaultCharset utf-8
### Security
ServerSignature Off
#Header unset Pragma
# secure htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
# protect e107_config.php
<Files e107_config.php>
order allow,deny
deny from all
</Files>
### Block Bad Bots
SetEnvIfNoCase ^User-Agent$ .*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures) HTTP_SAFE_BADBOT
SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
Deny from env=HTTP_SAFE_BADBOT
### Disable directory listing
Options -Indexes -MultiViews
### limit file uploads to 10mb
### LimitRequestBody 10240000
<IfModule mod_rewrite.c>
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
SetEnv HTTP_MOD_REWRITE_MEDIA On
SetEnv HTTP_MOD_REWRITE_STATIC On
</IfModule>
### enable rewrites
### Options +FollowSymLinks
RewriteEngine On
### Set this to your e107 site root, path relative to web root
### Uncomment it in case your server isn't able to rewrite proper
#RewriteBase /
### Allow only GET and POST methods
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
RewriteRule .* - [F]
### Rewrite for Image URLs
ReWriteRule ^media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_MEDIA_IMAGE/$5&$1w=$2&$3h=$4 [NC,L]
ReWriteRule ^media\/avatar\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_AVATAR/$5&$1w=$2&$3h=$4 [NC,L]
RewriteRule ^media\/img\/([-A-Za-z0-9+/]*={0,3})\.(jpg|gif|png)?$ thumb.php?id=$1 [NC,L]
ReWriteRule ^theme\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_THEME/$5&$1w=$2&$3h=$4 [NC,L]
### Redirect all www. URLs
### RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
### RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
### Rewrite for Static Scripts
ReWriteRule ^static\/[0-9]*\/(.*)$ $1 [NC,L]
### send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(e107_images|e107_files)/
RewriteCond %{REQUEST_URI} !\.(css|js|swf|mp3|mp4|eot|otf|ttc|ttf|woff|woff2)$ [NC]
### don't rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
### Single entry point ###
RewriteRule .* index.php [L]
</IfModule>
### Mod_Expires Settings (when available)
### May be modified if required
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 2 hours"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresByType image/gif "access plus 1 week"
ExpiresByType image/png "access plus 1 week"
ExpiresByType image/jpg "access plus 1 week"
ExpiresByType image/jpeg "access plus 1 week"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
</IfModule>
### Gzip Compression Module
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript application/xml text/xml application/rss+xml image/svg+xml image/x-icon application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf
</ifmodule>
<FilesMatch "\.(js|css|ico|pdf|flv|jpg|jpeg|png|gif|swf|mp3|mp4|eot|otf|ttc|ttf|woff|woff2)">
<IfModule mod_headers.c>
Header set Cache-Control "public"
Header unset Cookie
Header unset Set-Cookie
# Header set Access-Control-Allow-Origin "http://mydomain.com"
# Header set Access-Control-Allow-Origin "*" # if you're seeing console errors.
</IfModule>
</FilesMatch>
### Enable when developing locally.
### SetEnv E_DEV true