mirror of
				https://github.com/e107inc/e107.git
				synced 2025-10-26 19:21:54 +01:00 
			
		
		
		
	
		
			
				
	
	
		
			127 lines
		
	
	
		
			4.0 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			127 lines
		
	
	
		
			4.0 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| # Custom error pages for php scripts only
 | |
| <FilesMatch \.php$>
 | |
| 	ErrorDocument 400 /error.php?400
 | |
| 	ErrorDocument 401 /error.php?401
 | |
| 	ErrorDocument 403 /error.php?403
 | |
| 	ErrorDocument 404 /error.php?404
 | |
| 	ErrorDocument 500 /error.php?500
 | |
| </FilesMatch>
 | |
| 
 | |
| ### Performance
 | |
| ### AddDefaultCharset utf-8
 | |
| 
 | |
| ### Security
 | |
| 	ServerSignature Off
 | |
| 
 | |
| #Header unset Pragma
 | |
| 
 | |
| # secure htaccess file
 | |
| <Files .htaccess>
 | |
| 	order allow,deny
 | |
| 	deny from all
 | |
| </Files>
 | |
| 
 | |
| # protect e107_config.php
 | |
| <Files e107_config.php>
 | |
| 	order allow,deny
 | |
| 	deny from all
 | |
| </Files>
 | |
| 
 | |
| 
 | |
| ### Block Bad Bots
 | |
| 	SetEnvIfNoCase ^User-Agent$ .*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures) HTTP_SAFE_BADBOT
 | |
| 	SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
 | |
| 	Deny from env=HTTP_SAFE_BADBOT
 | |
| 
 | |
| ### Disable directory listing
 | |
| 	Options -Indexes -MultiViews
 | |
| 
 | |
| ### limit file uploads to 10mb
 | |
| ### LimitRequestBody 10240000
 | |
| 
 | |
| <IfModule mod_rewrite.c>
 | |
| 
 | |
|     <IfModule mod_env.c>
 | |
|         SetEnv HTTP_MOD_REWRITE On
 | |
|         SetEnv HTTP_MOD_REWRITE_MEDIA On
 | |
|         SetEnv HTTP_MOD_REWRITE_STATIC On
 | |
|     </IfModule>
 | |
| 
 | |
| ### enable rewrites
 | |
| ###	Options +FollowSymLinks 
 | |
| 	RewriteEngine On
 | |
| 
 | |
| 
 | |
| ### Set this to your e107 site root, path relative to web root
 | |
| ### Uncomment it in case your server isn't able to rewrite proper 
 | |
| 	#RewriteBase /
 | |
| 	
 | |
| ### Allow only GET and POST methods
 | |
| 	RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
 | |
| 
 | |
| 
 | |
| 	RewriteRule .* - [F]
 | |
| 
 | |
| ### Rewrite for Image URLs
 | |
|     ReWriteRule ^media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_MEDIA_IMAGE/$5&$1w=$2&$3h=$4 [NC,L]
 | |
|     ReWriteRule ^media\/avatar\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_AVATAR/$5&$1w=$2&$3h=$4 [NC,L]
 | |
|     RewriteRule ^media\/img\/([-A-Za-z0-9+/]*={0,3})\.(jpg|gif|png)?$ thumb.php?id=$1 [NC,L]
 | |
|     ReWriteRule ^theme\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_THEME/$5&$1w=$2&$3h=$4 [NC,L]
 | |
| 
 | |
| ### Redirect all www. URLs
 | |
| ###	RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
 | |
| ###	RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
 | |
| 
 | |
| 
 | |
| ### Rewrite for Static Scripts
 | |
|     ReWriteRule ^static\/[0-9]*\/(.*)$ $1 [NC,L]
 | |
| 
 | |
| ### send 404 on missing files in these folders 
 | |
| 	RewriteCond %{REQUEST_URI} !^/(e107_images|e107_files)/
 | |
|     RewriteCond %{REQUEST_URI} !\.(css|js|swf|mp3|mp4|eot|otf|ttc|ttf|woff|woff2)$ [NC]
 | |
| 
 | |
| ### don't rewrite for existing files, directories and links
 | |
| 	RewriteCond %{REQUEST_FILENAME} !-f
 | |
| 	RewriteCond %{REQUEST_FILENAME} !-d
 | |
| 	RewriteCond %{REQUEST_FILENAME} !-l 
 | |
| 	
 | |
| ### Single entry point ###
 | |
| 	RewriteRule .* index.php [L]
 | |
| 
 | |
| </IfModule>
 | |
| 
 | |
| ### Mod_Expires Settings (when available)
 | |
| ### May be modified if required
 | |
|     <IfModule mod_expires.c>
 | |
|         ExpiresActive On
 | |
|         ExpiresDefault "access plus 2 hours"
 | |
|         ExpiresByType image/x-icon "access plus 1 year"
 | |
|         ExpiresByType image/gif "access plus 1 week"
 | |
|         ExpiresByType image/png "access plus 1 week"
 | |
|         ExpiresByType image/jpg "access plus 1 week"
 | |
|         ExpiresByType image/jpeg "access plus 1 week"
 | |
|         ExpiresByType text/css "access plus 1 month"
 | |
|         ExpiresByType application/javascript "access plus 1 month"
 | |
|         ExpiresByType text/javascript "access plus 1 month"
 | |
|         ExpiresByType text/x-javascript "access plus 1 month"
 | |
|     </IfModule>
 | |
| 
 | |
| ### Gzip Compression Module
 | |
| <ifmodule mod_deflate.c>
 | |
|     AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript application/xml text/xml application/rss+xml image/svg+xml image/x-icon application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf
 | |
| </ifmodule>
 | |
| 
 | |
| <FilesMatch "\.(js|css|ico|pdf|flv|jpg|jpeg|png|gif|swf|mp3|mp4|eot|otf|ttc|ttf|woff|woff2)">
 | |
|     <IfModule mod_headers.c>
 | |
|         Header set Cache-Control "public"
 | |
|         Header unset Cookie
 | |
|         Header unset Set-Cookie
 | |
|       # Header set Access-Control-Allow-Origin "http://mydomain.com"
 | |
|       # Header set Access-Control-Allow-Origin "*" # if you're seeing console errors.
 | |
|   </IfModule>
 | |
| </FilesMatch>
 | |
| 
 | |
| 
 | |
| ### Enable when developing locally. 
 | |
| ### SetEnv E_DEV true
 |