2023-06-04 02:39:15 +00:00
|
|
|
#
|
|
|
|
# This .htaccess for AllowOverride All
|
|
|
|
# https://httpd.apache.org/docs/2.4/mod/core.html#allowoverride
|
|
|
|
#
|
2017-02-14 13:05:26 +00:00
|
|
|
AddDefaultCharset UTF-8
|
|
|
|
|
2023-11-13 13:34:48 +00:00
|
|
|
#Options +FollowSymLinks # For extensions with symlinks
|
|
|
|
##Options -FollowSymLinks +SymLinksIfOwnerMatch # or this (more security(?), more checks(!!!))
|
|
|
|
|
2020-05-30 06:16:48 +00:00
|
|
|
<IfModule mod_autoindex.c>
|
|
|
|
Options -Indexes
|
|
|
|
</IfModule>
|
|
|
|
|
2017-02-14 13:05:26 +00:00
|
|
|
<IfModule mod_rewrite.c>
|
|
|
|
RewriteEngine On
|
|
|
|
#RewriteBase /
|
2018-09-12 13:40:20 +00:00
|
|
|
|
2017-02-14 13:05:26 +00:00
|
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
2020-06-12 12:06:28 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/style/
|
|
|
|
RewriteCond %{REQUEST_URI} !^/img/
|
2020-12-12 14:38:12 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/js/
|
2023-07-09 09:22:09 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/upload/
|
2018-09-12 13:40:20 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/favicon\.ico$
|
2023-08-10 10:48:23 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/apple-touch-icon\.png$
|
2018-09-12 13:40:20 +00:00
|
|
|
RewriteCond %{REQUEST_URI} !^/robots\.txt$
|
2017-02-14 13:05:26 +00:00
|
|
|
RewriteRule . index.php [L]
|
2020-06-12 12:06:28 +00:00
|
|
|
|
2023-06-16 09:38:17 +00:00
|
|
|
<IfModule !litespeed>
|
|
|
|
RewriteRule \.dist\. index.php [L]
|
2020-11-28 15:08:34 +00:00
|
|
|
|
2023-06-16 09:38:17 +00:00
|
|
|
RewriteCond %{REQUEST_URI} \.v\.[0-9]
|
|
|
|
RewriteRule ^(.+)\.v\.[0-9]+\.([^.\\/]++)$ $1.$2 [L]
|
|
|
|
</IfModule>
|
|
|
|
<IfModule litespeed>
|
|
|
|
RewriteRule \.dist\. index.php
|
|
|
|
|
|
|
|
RewriteCond %{REQUEST_URI} \.v\.[0-9]
|
|
|
|
RewriteRule ^(.+)\.v\.[0-9]+\.([^.\\/]++)$ $1.$2
|
|
|
|
</IfModule>
|
2020-11-28 15:08:34 +00:00
|
|
|
</IfModule>
|
|
|
|
|
2021-02-04 15:17:17 +00:00
|
|
|
# Set Cache-Control header for caching statics
|
|
|
|
<ifModule mod_headers.c>
|
2023-07-09 09:22:09 +00:00
|
|
|
<FilesMatch "\.(css|js|gif|png|jpg|jpeg|webp|avif|woff|woff2)$">
|
2021-02-04 15:17:17 +00:00
|
|
|
Header set Cache-Control "public,max-age=31536000,immutable"
|
|
|
|
Header unset ETag
|
|
|
|
</FilesMatch>
|
|
|
|
<FilesMatch "\.(ico)$">
|
|
|
|
Header set Cache-Control "public,max-age=604800"
|
|
|
|
Header unset ETag
|
|
|
|
</FilesMatch>
|
|
|
|
</ifModule>
|
2021-01-11 10:51:48 +00:00
|
|
|
|
|
|
|
<ifModule mod_headers.c>
|
|
|
|
# Set security headers if missing.
|
|
|
|
# ForkBB generates these headers, but only for php pages.
|
2021-02-04 15:17:17 +00:00
|
|
|
#
|
|
|
|
### Only works in Apache 2.4.10+ (Reason, condition -> "expr = -z% {resp: ...}") ###
|
|
|
|
#
|
2021-01-11 10:51:48 +00:00
|
|
|
Header always set Content-Security-Policy "default-src 'self';object-src 'none';frame-ancestors 'none';base-uri 'none';form-action 'self'" "expr=-z %{resp:Content-Security-Policy}"
|
|
|
|
Header always set Feature-Policy "accelerometer 'none';ambient-light-sensor 'none';autoplay 'none';battery 'none';camera 'none';document-domain 'self';fullscreen 'self';geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';sync-xhr 'self';usb 'none'" "expr=-z %{resp:Feature-Policy}"
|
2021-03-12 16:27:24 +00:00
|
|
|
Header always set Referrer-Policy "strict-origin-when-cross-origin" "expr=-z %{resp:Referrer-Policy}"
|
2021-01-11 10:51:48 +00:00
|
|
|
# Header set Strict-Transport-Security "max-age=31536000" "expr=-z %{resp:Strict-Transport-Security}"
|
|
|
|
Header always set X-Content-Type-Options "nosniff" "expr=-z %{resp:X-Content-Type-Options}"
|
|
|
|
Header always set X-Frame-Options "DENY" "expr=-z %{resp:X-Frame-Options}"
|
|
|
|
Header always set X-XSS-Protection "1; mode=block" "expr=-z %{resp:X-XSS-Protection}"
|
2021-01-14 03:10:36 +00:00
|
|
|
Header always set Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),document-domain=(self),fullscreen=(self),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),sync-xhr=(self),usb=()" "expr=-z %{resp:Permissions-Policy}"
|
2021-01-11 10:51:48 +00:00
|
|
|
|
|
|
|
# Remove headers containing php information
|
|
|
|
Header unset X-Powered-By
|
|
|
|
Header always unset X-Powered-By
|
|
|
|
</ifModule>
|
|
|
|
|
2021-01-14 03:10:36 +00:00
|
|
|
# Hiding information about the system
|
|
|
|
ServerSignature Off
|
|
|
|
#ServerTokens ProductOnly # Use only in server config, do not use in .htaccess
|
2021-01-11 10:51:48 +00:00
|
|
|
|
|
|
|
# More info: https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess
|