Managed Business Technology Solutions Website Development & Hosting Virus Removal & Cleanup System Restoration & Data Recovery
Vipre Internet Security
Home > Knowledge Base

Example htaccess File

  1. # ------------------------------------------------------------------------------
  2. # | Compression |
  3. # ------------------------------------------------------------------------------
  4.  
  5. <IfModule mod_deflate.c>
  6.  
  7. # Force compression for mangled headers.
  8. # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping
  9. <IfModule mod_setenvif.c>
  10. <IfModule mod_headers.c>
  11. SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
  12. RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
  13. </IfModule>
  14. </IfModule>
  15.  
  16. # Compress all output labeled with one of the following MIME-types
  17. # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
  18. # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines
  19. # as `AddOutputFilterByType` is still in the core directives).
  20. <IfModule mod_filter.c>
  21. AddOutputFilterByType DEFLATE application/atom+xml \
  22. application/javascript \
  23. application/json \
  24. application/rss+xml \
  25. application/vnd.ms-fontobject \
  26. application/x-font-ttf \
  27. application/x-web-app-manifest+json \
  28. application/xhtml+xml \
  29. application/xml \
  30. font/opentype \
  31. image/svg+xml \
  32. image/x-icon \
  33. text/css \
  34. text/html \
  35. text/plain \
  36. text/x-component \
  37. text/xml
  38. </IfModule>
  39.  
  40. </IfModule>
  41.  
  42.  
  43. # ------------------------------------------------------------------------------
  44. # | Browser Caching |
  45. # ------------------------------------------------------------------------------
  46.  
  47. <IfModule mod_expires.c>
  48.  
  49. ExpiresActive on
  50. ExpiresDefault "access plus 0 seconds"
  51.  
  52. # CSS
  53. ExpiresByType text/css "access plus 1 week"
  54.  
  55. # Documents
  56. ExpiresByType application/pdf "access plus 0 second"
  57.  
  58. # Data interchange
  59. ExpiresByType application/json "access plus 0 seconds"
  60. ExpiresByType application/xml "access plus 0 seconds"
  61. ExpiresByType text/xml "access plus 0 seconds"
  62.  
  63. # Favicon (cannot be renamed!) and cursor images
  64. ExpiresByType image/x-icon "access plus 1 week"
  65.  
  66. # HTML components (HTCs)
  67. ExpiresByType text/x-component "access plus 1 month"
  68.  
  69. # HTML
  70. ExpiresByType text/html "access plus 0 seconds"
  71.  
  72. # JavaScript
  73. ExpiresByType application/javascript "access plus 1 week"
  74.  
  75. # Manifest files
  76. ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
  77. ExpiresByType text/cache-manifest "access plus 0 seconds"
  78.  
  79. # Media
  80. ExpiresByType audio/ogg "access plus 1 month"
  81. ExpiresByType image/gif "access plus 1 month"
  82. ExpiresByType image/jpeg "access plus 1 month"
  83. ExpiresByType image/png "access plus 1 month"
  84. ExpiresByType video/mp4 "access plus 1 month"
  85. ExpiresByType video/ogg "access plus 1 month"
  86. ExpiresByType video/webm "access plus 1 month"
  87. ExpiresByType application/x-shockwave-flash "access plus 1 week"
  88.  
  89. # Web feeds
  90. ExpiresByType application/atom+xml "access plus 1 hour"
  91. ExpiresByType application/rss+xml "access plus 1 hour"
  92.  
  93. # Web fonts
  94. ExpiresByType application/font-woff "access plus 1 month"
  95. ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
  96. ExpiresByType application/x-font-ttf "access plus 1 month"
  97. ExpiresByType font/opentype "access plus 1 month"
  98. ExpiresByType image/svg+xml "access plus 1 month"
  99.  
  100. </IfModule>
  101.  
  102.  
  103. # ------------------------------------------------------------------------------
  104. # | File access |
  105. # ------------------------------------------------------------------------------
  106.  
  107. # Block access to directories without a default document.
  108. # Usually you should leave this uncommented because you shouldn't allow anyone
  109. # to surf through every directory on your server (which may include rather
  110. # private places like the CMS's directories).
  111.  
  112. <IfModule mod_autoindex.c>
  113. Options -Indexes
  114. </IfModule>
  115.  
  116. # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  117.  
  118. # Block access to backup and source files.
  119. # These files may be left by some text editors and can pose a great security
  120. # danger when anyone has access to them.
  121.  
  122. <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|orig|old|sw[op])|~)$">
  123.  
  124. # Apache < 2.3
  125. <IfModule !mod_authz_core.c>
  126. Order allow,deny
  127. Deny from all
  128. Satisfy All
  129. </IfModule>
  130.  
  131. # Apache = 2.3
  132. <IfModule mod_authz_core.c>
  133. Require all denied
  134. </IfModule>
  135.  
  136. </FilesMatch>
  137.  
  138.  
  139. # ------------------------------------------------------------------------------
  140. # | Content transformations |
  141. # ------------------------------------------------------------------------------
  142.  
  143. # Prevent some of the mobile network providers from modifying the content of
  144. # your site: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.5.
  145.  
  146. # <IfModule mod_headers.c>
  147. # Header set Cache-Control "no-transform"
  148. # </IfModule>
  149.  
  150.  
  151. # ------------------------------------------------------------------------------
  152. # | UTF-8 encoding |
  153. # ------------------------------------------------------------------------------
  154.  
  155. # Use UTF-8 encoding for anything served as `text/html` or `text/plain`.
  156. AddDefaultCharset utf-8
  157.  
  158. # Force UTF-8 for certain file formats.
  159. <IfModule mod_mime.c>
  160. AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml
  161. </IfModule>
  162.  
  163.  
  164. # ------------------------------------------------------------------------------
  165. # | File concatenation |
  166. # ------------------------------------------------------------------------------
  167.  
  168. # Allow concatenation from within specific CSS and JS files, e.g.:
  169. # Inside of `script.combined.js` you could have
  170. # <!--#include file="libs/jquery.js" -->
  171. # <!--#include file="plugins/jquery.idletimer.js" -->
  172. # and they would be included into this single file.
  173.  
  174. <IfModule mod_include.c>
  175. <FilesMatch "\.combined\.js$">
  176. Options +Includes
  177. AddOutputFilterByType INCLUDES application/javascript application/json
  178. SetOutputFilter INCLUDES
  179. </FilesMatch>
  180. <FilesMatch "\.combined\.css$">
  181. Options +Includes
  182. AddOutputFilterByType INCLUDES text/css
  183. SetOutputFilter INCLUDES
  184. </FilesMatch>
  185. </IfModule>
  186.  
  187.  
  188. # ------------------------------------------------------------------------------
  189. # | Better website experience |
  190. # ------------------------------------------------------------------------------
  191.  
  192. # Force IE to render pages in the highest available mode in the various
  193. # cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf.
  194.  
  195. <IfModule mod_headers.c>
  196. Header set X-UA-Compatible "IE=edge"
  197. # `mod_headers` can't match based on the content-type, however, we only
  198. # want to send this header for HTML pages and not for the other resources
  199. <FilesMatch "\.(appcache|crx|css|cur|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$">
  200. Header unset X-UA-Compatible
  201. </FilesMatch>
  202. </IfModule>
  203.  
  204.  
  205. # ------------------------------------------------------------------------------
  206. # | Proper MIME types for all files |
  207. # ------------------------------------------------------------------------------
  208.  
  209. <IfModule mod_mime.c>
  210.  
  211. # Audio
  212. AddType audio/mp4 m4a f4a f4b
  213. AddType audio/ogg oga ogg
  214.  
  215. # JavaScript
  216. # Normalize to standard type (it's sniffed in IE anyways):
  217. # http://tools.ietf.org/html/rfc4329#section-7.2
  218. AddType application/javascript js
  219. AddType application/json json
  220.  
  221. # Video
  222. AddType video/mp4 f4v f4p m4v mp4
  223. AddType video/ogg ogv
  224. AddType video/webm webm
  225. AddType video/x-flv flv
  226.  
  227. # Web fonts
  228. AddType application/font-woff woff
  229. AddType application/vnd.ms-fontobject eot
  230.  
  231. # Browsers usually ignore the font MIME types and sniff the content,
  232. # however, Chrome shows a warning if other MIME types are used for the
  233. # following fonts.
  234. AddType application/x-font-ttf ttc ttf
  235. AddType font/opentype otf
  236.  
  237. # Make SVGZ fonts work on iPad:
  238. # https://twitter.com/FontSquirrel/status/14855840545
  239. AddType image/svg+xml svgz
  240. AddEncoding gzip svgz
  241.  
  242. # Other
  243. AddType application/octet-stream safariextz
  244. AddType application/x-chrome-extension crx
  245. AddType application/x-opera-extension oex
  246. AddType application/x-web-app-manifest+json webapp
  247. AddType application/x-xpinstall xpi
  248. AddType application/xml atom rdf rss xml
  249. AddType image/webp webp
  250. AddType image/x-icon cur
  251. AddType text/cache-manifest appcache manifest
  252. AddType text/vtt vtt
  253. AddType text/x-component htc
  254. AddType text/x-vcard vcf
  255.  
  256. </IfModule>
  257.  
  258.  
  259. # ------------------------------------------------------------------------------
  260. # | Suppressing / Forcing the "www." at the beginning of URLs |
  261. # ------------------------------------------------------------------------------
  262.  
  263. # The same content should never be available under two different URLs especially
  264. # not with and without "www." at the beginning. This can cause SEO problems
  265. # (duplicate content), therefore, you should choose one of the alternatives and
  266. # redirect the other one.
  267.  
  268. # By default option 1 (no "www.") is activated:
  269. # http://no-www.org/faq.php?q=class_b
  270.  
  271. # If you'd prefer to use option 2, just comment out all the lines from option 1
  272. # and uncomment the ones from option 2.
  273.  
  274. # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
  275.  
  276. # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  277.  
  278. # Option 1: rewrite www.example.com ? example.com
  279.  
  280. # <IfModule mod_rewrite.c>
  281. # RewriteCond %{HTTPS} !=on
  282. # RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
  283. # RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
  284. # </IfModule>
  285.  
  286. # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  287.  
  288. # Option 2: rewrite example.com ? www.example.com
  289.  
  290. # Be aware that the following might not be a good idea if you use "real"
  291. # subdomains for certain parts of your website.
  292.  
  293. # <IfModule mod_rewrite.c>
  294. # RewriteCond %{HTTPS} !=on
  295. # RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
  296. # RewriteCond %{HTTP_HOST} !=localhost [NC]
  297. # RewriteCond %{HTTP_HOST} !=127.0.0.1
  298. # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
  299. # </IfModule>
  300.  
  301.  
  302. # ------------------------------------------------------------------------------
  303. # | Secure Sockets Layer (SSL) |
  304. # ------------------------------------------------------------------------------
  305.  
  306. # Rewrite secure requests properly to prevent SSL certificate warnings, e.g.:
  307. # prevent `https://www.example.com` when your certificate only allows
  308. # `https://secure.example.com`.
  309.  
  310. # <IfModule mod_rewrite.c>
  311. # RewriteCond %{SERVER_PORT} !^443
  312. # RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L]
  313. # </IfModule>
  314.  
  315.  
  316. # ------------------------------------------------------------------------------
  317. # | Persistent connections |
  318. # ------------------------------------------------------------------------------
  319.  
  320. # Allow multiple requests to be sent over the same TCP connection:
  321. # http://httpd.apache.org/docs/current/en/mod/core.html#keepalive.
  322.  
  323. # Enable if you serve a lot of static content but, be aware of the
  324. # possible disadvantages!
  325.  
  326. <IfModule mod_headers.c>
  327. Header set Connection Keep-Alive
  328. </IfModule>
  329.  
  330.  
  331. # ------------------------------------------------------------------------------
  332. # | Custom Site Redirects |
  333. # ------------------------------------------------------------------------------
  334.  
  335.  
  336. # ------------------------------------------------------------------------------
  337. # | Concrete5 URLs |
  338. # ------------------------------------------------------------------------------
Ting - Mobile that makes sense