-
Notifications
You must be signed in to change notification settings - Fork 2
/
.htaccess
285 lines (284 loc) · 13.5 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
# Begins CORS
# RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# ----------------------------------------------------------------------
# | Cross-origin images |
# ----------------------------------------------------------------------
# Send the CORS header for images when browsers request it.
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
<FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
</IfModule>
# ----------------------------------------------------------------------
# | Cross-origin web fonts |
# ----------------------------------------------------------------------
# Allow cross-origin access to web fonts.
<IfModule mod_headers.c>
<FilesMatch "\.(eot|otf|tt[cf]|woff2?)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
# ----------------------------------------------------------------------
# | Document modes |
# ----------------------------------------------------------------------
# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge"
# `mod_headers` cannot match based on the content-type, however,
# the `X-UA-Compatible` response header should be send only for
# HTML documents and not for the other resources.
<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
# ----------------------------------------------------------------------
# | File access |
# ----------------------------------------------------------------------
# Block access to directories without a default document.
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Block access to files that can expose sensitive information.
#
<FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$">
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
Satisfy All
</IfModule>
# Apache ≥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</FilesMatch>
</IfModule>
# ----------------------------------------------------------------------
# | Expires headers |
# ----------------------------------------------------------------------
# BEGIN Expire headers
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 month"
# CSS
ExpiresByType text/css "access plus 1 year"
# Data interchange
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
# Favicon (cannot be renamed!) and cursor images
ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
# HTML
ExpiresByType text/html "access plus 0 seconds"
# JavaScript
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
# Manifest files
ExpiresByType application/manifest+json "access plus 1 year"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Media files
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/bmp "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
# Web fonts
# Embedded OpenType (EOT)
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType font/eot "access plus 1 year"
# OpenType
ExpiresByType font/opentype "access plus 1 year"
# TrueType
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType font/ttf "access plus 1 year"
# Web Open Font Format (WOFF) 1.0
ExpiresByType application/font-woff "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType font/woff "access plus 1 year"
# Web Open Font Format (WOFF) 2.0
ExpiresByType application/font-woff2 "access plus 1 year"
ExpiresByType font/woff2 "access plus 1 year"
# Other
ExpiresByType text/x-cross-domain-policy "access plus 1 week"
</IfModule>
# END Expire headers
# BEGIN Cache-Control Headers
<IfModule mod_headers.c>
<FilesMatch "\\.(ttf|woff|woff2|eot)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
<FilesMatch "\\.(ico|jpe?g|png|webp|gif|swf|gz)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
<FilesMatch "\\.(css)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
<FilesMatch "\\.(js)$">
Header set Cache-Control "max-age=31536000, private"
</FilesMatch>
<FilesMatch "\\.(x?html?|php)$">
Header set Cache-Control "max-age=600, private, must-revalidate"
#Header set Pragma "cache"
</FilesMatch>
</IfModule>
# END Cache-Control Headers
# BEGIN Turn ETags Off
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
FileETag None
# END Turn ETags Off
<IfModule mod_headers.c>
# BEGIN Remove Last-Modified Header
Header unset Last-Modified
</IfModule>
# END Remove Last-Modified Header
# BEGIN Compress text files
<IfModule mod_deflate.c>
# #DeflateCompressionLevel 1
<FilesMatch "\.(css|js|x?html?|php)$">
SetOutputFilter DEFLATE
</FilesMatch>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/xml text/css text/javascript text/html text/plain application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
</IfModule>
# Properly handle old browsers that do not support compression
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Explicitly exclude binary files from compression just in case
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|pdf|swf|ico|zip)$ no-gzip
# Below uses mod_deflate to compress text files. Never compress binary files.
<IfModule mod_headers.c>
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
# set cache control to private to ignore proxies and avoid edge cases
Header append Cache-Control "private"
# Remove the vary header for MSIE
BrowserMatch "MSIE" force-no-vary
</IfModule>
</IfModule>
# ----------------------------------------------------------------------
# | Reducing MIME type security risks |
# ----------------------------------------------------------------------
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
</IfModule>
# END Compress text files
###### Config Global
# ----------------------------------------------------------------------
# | Character encodings |
# ----------------------------------------------------------------------
AddDefaultCharset utf-8
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Serve the following file types with the media type `charset`
# parameter set to `UTF-8`.
<IfModule mod_mime.c>
AddCharset utf-8 .atom \
.bbaw \
.css \
.geojson \
.js \
.json \
.jsonld \
.rdf \
.rss \
.topojson \
.vtt \
.webapp \
.xloc \
.xml
</IfModule>
# ----------------------------------------------------------------------
# | Rewrite engine |
# ----------------------------------------------------------------------
DirectoryIndex index.php
#RewriteBase /
# ----------------------------------------------------------------------
# Custom 404 page
# ----------------------------------------------------------------------
# You can add custom pages to handle 500 or 403 pretty easily, if you like.
ErrorDocument 401 /index.php?http_error=401
ErrorDocument 403 /index.php?http_error=403
ErrorDocument 404 /index.php?http_error=404
ErrorDocument 500 /index.php?http_error=500
<IfModule mod_rewrite.c>
#Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTP_HOST} !^(?:[-_0-9a-zA-Z]+\.){2,}
RewriteRule .* http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#<IfModule mod_ssl.c>
# RewriteCond %{HTTPS} !=on [OR]
# RewriteCond %{SERVER_PORT} 80
# RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L]
#</IfModule>
# ----------------------------------------------------------------------
# Redirect Rewrite
# ----------------------------------------------------------------------
# RewriteRule ^fr/catalog/$ http://www.magixcms3.test/fr/news/ [R=301,L]
# Redirect a plus sign
# RewriteRule ^fr/actualites/tag/magix[\s+]cms[\s+]3 http://www.magixcms3.test/fr/news/tag/39-magix-cms-3/ [R=301,L]
# ----------------------------------------------------------------------
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Language
RewriteCond %{REQUEST_URI} !^/amp
RewriteCond %{QUERY_STRING} !(strLangue)+
RewriteRule ^([-_a-zA-Z]{1,5})/(.*) /$2?strLangue=$1 [QSA,L]
# AMP
RewriteCond %{REQUEST_URI} ^/amp
RewriteRule ^(?:amp)/(.*) /$1?amp=1 [QSA,L]
# Web Service
RewriteRule ^webservice/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice [QSA,L]
RewriteRule ^webservice[/]([a-zA-Z]+)/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice&collection=$1 [QSA,L]
RewriteRule ^webservice[/]([a-zA-Z]+)[/]([0-9]+)/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice&collection=$1&id=$2 [QSA,L]
RewriteRule ^webservice[/]([a-zA-Z]+)[/]([0-9]+)/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice&collection=$1&id=$2&action=$3 [QSA,L]
RewriteRule ^webservice[/]([a-zA-Z]+)[/]([a-zA-Z]+)/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice&collection=$1&retrieve=$2 [QSA,L]
RewriteRule ^webservice[/]([a-zA-Z]+)[/]([a-zA-Z]+)[/]([0-9]+)/{0,1}$ %{ENV:REWRITEBASE}/index.php?controller=webservice&collection=$1&retrieve=$2&id=$3 [QSA,L]
# Pagination
RewriteCond %{QUERY_STRING} !(page)+
RewriteRule (.*)/page/(\d*)/{0,1}$ /$1?page=$2 [QSA,L]
# News tags
RewriteCond %{QUERY_STRING} !(tag)+
RewriteRule (.*)/tag/([/0-9]+)[-]([-_0-9a-zA-Z]+)/{0,1}$ /$1?tag=$2 [QSA,L]
# id page and id parent page
RewriteCond %{QUERY_STRING} ^(id=)|(&id=)+
RewriteRule (.*)/([/0-9]+)[-]([-_0-9a-zA-Z]+)/{0,1}$ /$1?id_parent=$2&url_parent=$3 [QSA,L]
RewriteRule (.*)/([/0-9]+)[-]([-_0-9a-zA-Z]+)/{0,1}$ /$1?id=$2&url=$3 [QSA,L]
# Date and year
RewriteRule (.*)/(\d{4}/\d{2}/\d{2})/{0,1}$ /$1?date=$2 [QSA,L]
RewriteCond %{QUERY_STRING} !(date)+
RewriteRule (.*)/(\d{4})/(\d{2})/{0,1}$ /$1?year=$2&month=$3 [QSA,L]
RewriteCond %{QUERY_STRING} !(year)+
RewriteRule (.*)/(\d{4})/{0,1}$ /$1?year=$2 [QSA,L]
# Custom action
RewriteCond %{QUERY_STRING} !(action)+
RewriteRule (.*)/([0-9a-zA-Z]+)/{0,1}$ /$1?action=$2 [QSA,L]
# Custom hash key
RewriteCond %{QUERY_STRING} !(hash)+
RewriteRule (.*)/([0-9a-zA-Z]+)/{0,1}$ /$1?hash=$2 [QSA,L]
# Controller
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([0-9a-zA-Z]+)/{0,1}$ /index.php?controller=$1 [QSA,L]
</IfModule>