############################################################################################ #Section 1 RewriteEngine On IndexIgnore * Options +FollowSymLinks -Multiviews -Indexes ############################################################################################ # ---------------------------------------------------------------------- # CORS-enabled images (@crossorigin) # ---------------------------------------------------------------------- # Send CORS headers if browsers request them; enabled by default for images. # developer.mozilla.org/en/CORS_Enabled_Image # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ # wiki.mozilla.org/Security/Reviews/crossoriginAttribute # mod_headers, y u no match by Content-Type?! SetEnvIf Origin ":" IS_CORS Header set Access-Control-Allow-Origin "*" env=IS_CORS # ---------------------------------------------------------------------- # Webfont access # ---------------------------------------------------------------------- # Allow access from all domains for webfonts. # Alternatively you could only whitelist your # subdomains like "subdomain.example.com". Header set Access-Control-Allow-Origin "*" ############################################################################################ RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] ############################################################################################ # Deflate files to fasten the loading SetOutputFilter DEFLATE AddOutputFilterByType DEFLATE application/x-httpd-php text/html text/xml text/plain text/css text/javascript application/javascript application/x-javascript image/jpeg image/jpg image/png image/gif font/ttf font/eot font/otf # properly handle requests coming from behind proxies Header append Vary User-Agent # Properly handle old browsers that do not support compression BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # Explicitly exclude binary files from compression just in case SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|pdf|swf|ico|zip|ttf|eot|svg)$ no-gzip ############################################################################################ # Protect .htaccess order allow,deny deny from all ############################################################################################ # Header Expiry Header set Expires "Thu, 23 Aug 2222 00:00:00 GMT" Header unset ETag FileETag None ###########################################################################################