Skip to content
This repository
Newer
Older
100644 535 lines (390 sloc) 19.482 kb
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
1 # Apache configuration file
2 # httpd.apache.org/docs/2.2/mod/quickreference.html
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
3
170b0da9 » Craig Barnes
2010-11-04 Add note and link regarding best practices for Apache config
4 # Note .htaccess files are an overhead, this logic should be in your Apache config if possible
5 # httpd.apache.org/docs/2.2/howto/htaccess.html
6
5a8f1285 » paulirish
2010-08-25 apache tricks from perishablepress. also a no-www fix from jstnryan
7 # Techniques in here adapted from all over, including:
8 # Kroc Camen: camendesign.com/.htaccess
9 # perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
10 # Sample .htaccess file of CMS MODx: modxcms.com
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
11
12
961ec543 » paulirish
2010-12-14 Moved all server configurations (except apache's .htaccess) over to a…
13 ###
d8a3970e » mathiasbynens
2011-09-18 Check if mod_headers is available before matching webfont files. This…
14 ### If you run a webserver other than Apache, consider:
4a69c416 » necolas
2011-11-04 Update urls in .htaccess to reference the new repo and wiki locations
15 ### github.com/h5bp/server-configs
961ec543 » paulirish
2010-12-14 Moved all server configurations (except apache's .htaccess) over to a…
16 ###
17
18
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
19
20 # ----------------------------------------------------------------------
21 # Better website experience for IE users
22 # ----------------------------------------------------------------------
23
fdd14c17 » paulirish
2010-08-09 chrome frame and IE=edge as a header
24 # Force the latest IE version, in various cases when it may fall back to IE7 mode
25 # github.com/rails/rails/commit/123eb25#commitcomment-118920
68c75c02 » paulirish
2010-08-09 remove duplicate cache manifest expires rules
26 # Use ChromeFrame if it's installed for a better experience for the poor IE folk
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
27
9f9d6ee0 » paulirish
2010-09-07 Header append Vary Accept-Encoding - thx aaron peters.
28 <IfModule mod_headers.c>
d8a3970e » mathiasbynens
2011-09-18 Check if mod_headers is available before matching webfont files. This…
29 Header set X-UA-Compatible "IE=Edge,chrome=1"
30 # mod_headers can't match by content-type, but we don't want to send this header on *everything*...
588e82c8 » Divya Manian
2011-11-06 Adding Opera extension to mimetypes and unsetting X-UA-Compatible for…
31 <FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
d8a3970e » mathiasbynens
2011-09-18 Check if mod_headers is available before matching webfont files. This…
32 Header unset X-UA-Compatible
33 </FilesMatch>
cfbd24a7 » paulirish
2010-08-30 ifmodule headers for all those jerkfaces out there who dont have mod_…
34 </IfModule>
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
35
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
36
37 # ----------------------------------------------------------------------
38 # Cross-domain AJAX requests
39 # ----------------------------------------------------------------------
40
2727fa23 » mathiasbynens
2011-11-28 Send CORS headers if browsers request them. This enables CORS-enabled…
41 # Serve cross-domain Ajax requests, disabled by default.
6794dc3c » paulirish
2010-10-28 adding a bit mroe around the commented out CORS
42 # enable-cors.org
b57c5c86 » paulirish
2010-10-28 minor. htaccess comment
43 # code.google.com/p/html5security/wiki/CrossOriginRequestSecurity
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
44
6794dc3c » paulirish
2010-10-28 adding a bit mroe around the commented out CORS
45 # <IfModule mod_headers.c>
46 # Header set Access-Control-Allow-Origin "*"
47 # </IfModule>
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
48
49
2727fa23 » mathiasbynens
2011-11-28 Send CORS headers if browsers request them. This enables CORS-enabled…
50 # ----------------------------------------------------------------------
51 # CORS-enabled images (@crossorigin)
52 # ----------------------------------------------------------------------
53
54 # Send CORS headers if browsers request them; enabled by default.
55 # developer.mozilla.org/en/CORS_Enabled_Image
56 # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
57 # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
58
59 <IfModule mod_setenvif.c>
60 <IfModule mod_headers.c>
61 SetEnvIf Origin ":" IS_CORS
62 Header set Access-Control-Allow-Origin "*" env=IS_CORS
63 </IfModule>
64 </IfModule>
65
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
66
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
67 # ----------------------------------------------------------------------
68 # Webfont access
69 # ----------------------------------------------------------------------
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
70
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
71 # Allow access from all domains for webfonts.
72 # Alternatively you could only whitelist your
c72a81c5 » mathiasbynens
2011-07-20 Use example.com instead of domain.com, as per RFC 2606. Fixes #613.
73 # subdomains like "subdomain.example.com".
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
74
d8a3970e » mathiasbynens
2011-09-18 Check if mod_headers is available before matching webfont files. This…
75 <IfModule mod_headers.c>
76 <FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
77 Header set Access-Control-Allow-Origin "*"
d8a3970e » mathiasbynens
2011-09-18 Check if mod_headers is available before matching webfont files. This…
78 </FilesMatch>
79 </IfModule>
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
80
81
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
82
83 # ----------------------------------------------------------------------
84 # Proper MIME type for all files
85 # ----------------------------------------------------------------------
86
b14b4a60 » paulirish
2011-07-31 Normalize javascript mimetype to application/javascript. Reduces cruf…
87
88 # JavaScript
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
89 # Normalize to standard type (it's sniffed in IE anyways)
b14b4a60 » paulirish
2011-07-31 Normalize javascript mimetype to application/javascript. Reduces cruf…
90 # tools.ietf.org/html/rfc4329#section-7.2
91 AddType application/javascript js
92
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
93 # Audio
e2c718cc » bentruyman
2010-10-27 According to RFC 5334 ( http://tools.ietf.org/html/rfc5334 ), the 'ogg'
94 AddType audio/ogg oga ogg
a30e338d » heff
2011-05-26 Added m4a (Need it for IE9) and m4v (HandBrake default) MIME types.
95 AddType audio/mp4 m4a
e2c718cc » bentruyman
2010-10-27 According to RFC 5334 ( http://tools.ietf.org/html/rfc5334 ), the 'ogg'
96
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
97 # Video
e2c718cc » bentruyman
2010-10-27 According to RFC 5334 ( http://tools.ietf.org/html/rfc5334 ), the 'ogg'
98 AddType video/ogg ogv
a30e338d » heff
2011-05-26 Added m4a (Need it for IE9) and m4v (HandBrake default) MIME types.
99 AddType video/mp4 mp4 m4v
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
100 AddType video/webm webm
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
101
b14b4a60 » paulirish
2011-07-31 Normalize javascript mimetype to application/javascript. Reduces cruf…
102 # SVG.
103 # Required for svg webfonts on iPad
6f01f432 » paulirish
2010-08-10 webfont serving types.
104 # twitter.com/FontSquirrel/status/14855840545
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
105 AddType image/svg+xml svg svgz
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
106 AddEncoding gzip svgz
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
107
108 # Webfonts
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
109 AddType application/vnd.ms-fontobject eot
ddd7ae43 » mikealmond
2011-04-15 Updating TTF mimetype to fix Google Chrome warning
110 AddType application/x-font-ttf ttf ttc
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
111 AddType font/opentype otf
2404601c » Divya Manian
2011-03-05 updated woff mime-type in ExpiresByType rule in .htaccess. fixes #349
112 AddType application/x-font-woff woff
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
113
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
114 # Assorted types
37b5fec0 » paulirish
2010-12-15 changing mimetype of .ico files to "image/x-icon". Details follow:
115 AddType image/x-icon ico
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
116 AddType image/webp webp
de50e813 » mathiasbynens
2011-01-31 Use the .appcache extension instead of .manifest, as per http://html5…
117 AddType text/cache-manifest appcache manifest
5be6f1f3 » paulirish
2010-10-23 ico serving, webp, and other bits. thx iszak
118 AddType text/x-component htc
119 AddType application/x-chrome-extension crx
588e82c8 » Divya Manian
2011-11-06 Adding Opera extension to mimetypes and unsetting X-UA-Compatible for…
120 AddType application/x-opera-extension oex
3d95cfa0 » dustinwhittle
2010-10-29 added plugin/extension mime types for safari, chrome, firefox
121 AddType application/x-xpinstall xpi
122 AddType application/octet-stream safariextz
fc7d9e1e » leobetosouza
2011-04-26 Allow blackberry to read vcards
123 AddType text/x-vcard vcf
6f01f432 » paulirish
2010-08-10 webfont serving types.
124
280b11a3 » paulirish
2010-08-15 htaccess: serving of htc. fixes #55
125
9b5d916a » jdbartlett
2010-07-22 Make sure mod_deflate is enabled before attempting to use it.
126
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
127 # ----------------------------------------------------------------------
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
128 # Allow concatenation from within specific js and css files
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
129 # ----------------------------------------------------------------------
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
130
131 # e.g. Inside of script.combined.js you could have
eebdfffe » sams
2011-02-13 minor alteration to ssi js include illustrate that path should be rel…
132 # <!--#include file="libs/jquery-1.5.0.min.js" -->
133 # <!--#include file="plugins/jquery.idletimer.js" -->
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
134 # and they would be included into this single file.
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
135
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
136 # This is not in use in the boilerplate as it stands. You may
137 # choose to name your files in this way for this advantage or
138 # concatenate and minify them manually.
43abda83 » paulirish
2010-08-13 ServerSideIncludes disabled by default. Strengthened them up, too. fi…
139 # Disabled by default.
140
a36c13a7 » paulirish
2011-07-30 update the (disabled) SSI for better windows compatibility. fixes #628.…
141 #<FilesMatch "\.combined\.js$">
142 # Options +Includes
143 # AddOutputFilterByType INCLUDES application/javascript application/json
144 # SetOutputFilter INCLUDES
6241a727 » Divya Manian
2011-08-07 Fixing typo in .htaccess file
145 #</FilesMatch>
a36c13a7 » paulirish
2011-07-30 update the (disabled) SSI for better windows compatibility. fixes #628.…
146 #<FilesMatch "\.combined\.css$">
147 # Options +Includes
148 # AddOutputFilterByType INCLUDES text/css
149 # SetOutputFilter INCLUDES
150 #</FilesMatch>
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
151
152
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
153 # ----------------------------------------------------------------------
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
154 # Gzip compression
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
155 # ----------------------------------------------------------------------
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
156
9b5d916a » jdbartlett
2010-07-22 Make sure mod_deflate is enabled before attempting to use it.
157 <IfModule mod_deflate.c>
158
a87078d4 » mathiasbynens
2011-10-18 Cleaner, more obvious indentation in .htaccess. Closes #817.
159 # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
160 <IfModule mod_setenvif.c>
161 <IfModule mod_headers.c>
162 SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
163 RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
164 </IfModule>
c3175aac » timemachine3030
2011-01-18 check for mod_headers before calling RequestHeaders
165 </IfModule>
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
166
a87078d4 » mathiasbynens
2011-10-18 Cleaner, more obvious indentation in .htaccess. Closes #817.
167 # HTML, TXT, CSS, JavaScript, JSON, XML, HTC:
168 <IfModule filter_module>
169 FilterDeclare COMPRESS
170 FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html
171 FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css
172 FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain
173 FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml
174 FilterProvider COMPRESS DEFLATE resp=Content-Type $text/x-component
175 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/javascript
176 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/json
177 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xml
178 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xhtml+xml
179 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/rss+xml
180 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/atom+xml
181 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/vnd.ms-fontobject
182 FilterProvider COMPRESS DEFLATE resp=Content-Type $image/svg+xml
183 FilterProvider COMPRESS DEFLATE resp=Content-Type $image/x-icon
184 FilterProvider COMPRESS DEFLATE resp=Content-Type $application/x-font-ttf
185 FilterProvider COMPRESS DEFLATE resp=Content-Type $font/opentype
186 FilterChain COMPRESS
187 FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no
188 </IfModule>
168d2eb7 » adeelejaz
2010-11-06 Use mod_filter for compression, with fallback to AddOutputFilterByTyp…
189
a87078d4 » mathiasbynens
2011-10-18 Cleaner, more obvious indentation in .htaccess. Closes #817.
190 <IfModule !mod_filter.c>
191 # Legacy versions of Apache
192 AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
193 AddOutputFilterByType DEFLATE application/javascript
194 AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
195 AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
196 AddOutputFilterByType DEFLATE image/x-icon image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
197 </IfModule>
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
198
a87078d4 » mathiasbynens
2011-10-18 Cleaner, more obvious indentation in .htaccess. Closes #817.
199 </IfModule>
0bb94957 » paulirish
2010-04-15 new .htaccess template with some common settings.. still need to be r…
200
9c1fbb38 » paulirish
2010-05-29 svg serving addressed for webfonts on ipad
201
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
202 # ----------------------------------------------------------------------
203 # Expires headers (for better cache control)
204 # ----------------------------------------------------------------------
205
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
206 # These are pretty far-future expires headers.
207 # They assume you control versioning with cachebusting query params like
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
208 # <script src="application.js?20100608">
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
209 # Additionally, consider that outdated proxies may miscache
44e49f87 » paulirish
2010-08-09 more detail around filename revving aka cachebusting
210 # www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
211
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
212 # If you don't use filenames to version, lower the CSS and JS to something like
213 # "access plus 1 week" or so.
44e49f87 » paulirish
2010-08-09 more detail around filename revving aka cachebusting
214
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
215 <IfModule mod_expires.c>
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
216 ExpiresActive on
4e17c6dc » paulirish
2010-08-09 expires rules mucking. other htaccess whitespace.
217
218 # Perhaps better to whitelist expires rules? Perhaps.
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
219 ExpiresDefault "access plus 1 month"
220
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
221 # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
b6d10ae7 » paulirish
2010-08-05 cache manifest needs 0 expires (thx remy).
222 ExpiresByType text/cache-manifest "access plus 0 seconds"
223
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
224 # Your document html
ec1bf21c » paulirish
2010-08-13 data (json/xml) should not be cached (good tip, SirFunk)
225 ExpiresByType text/html "access plus 0 seconds"
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
226
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
227 # Data
ec1bf21c » paulirish
2010-08-13 data (json/xml) should not be cached (good tip, SirFunk)
228 ExpiresByType text/xml "access plus 0 seconds"
229 ExpiresByType application/xml "access plus 0 seconds"
230 ExpiresByType application/json "access plus 0 seconds"
231
acdae817 » Phize
2011-07-22 add settings for Atom.
232 # Feed
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
233 ExpiresByType application/rss+xml "access plus 1 hour"
acdae817 » Phize
2011-07-22 add settings for Atom.
234 ExpiresByType application/atom+xml "access plus 1 hour"
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
235
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
236 # Favicon (cannot be renamed)
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
237 ExpiresByType image/x-icon "access plus 1 week"
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
238
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
239 # Media: images, video, audio
b59c1cc0 » adeelejaz
2010-08-24 Add Expires header for .gif
240 ExpiresByType image/gif "access plus 1 month"
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
241 ExpiresByType image/png "access plus 1 month"
242 ExpiresByType image/jpg "access plus 1 month"
243 ExpiresByType image/jpeg "access plus 1 month"
244 ExpiresByType video/ogg "access plus 1 month"
245 ExpiresByType audio/ogg "access plus 1 month"
246 ExpiresByType video/mp4 "access plus 1 month"
e24de7ff » paulirish
2010-08-23 expires for webm. hattip kroc camen.
247 ExpiresByType video/webm "access plus 1 month"
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
248
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
249 # HTC files (css3pie)
2fe0b745 » paulirish
2011-02-11 caching of .htc files. thx rich. fixes #303
250 ExpiresByType text/x-component "access plus 1 month"
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
251
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
252 # Webfonts
715957bf » mathiasbynens
2011-09-06 Correct Expires header to `application/x-font-ttf`. Fixes #740.
253 ExpiresByType application/x-font-ttf "access plus 1 month"
2c0dce91 » paulirish
2010-08-28 fix up mimetypes for expires on webfonts. thx Holek.
254 ExpiresByType font/opentype "access plus 1 month"
2404601c » Divya Manian
2011-03-05 updated woff mime-type in ExpiresByType rule in .htaccess. fixes #349
255 ExpiresByType application/x-font-woff "access plus 1 month"
44e49f87 » paulirish
2010-08-09 more detail around filename revving aka cachebusting
256 ExpiresByType image/svg+xml "access plus 1 month"
5a8f1285 » paulirish
2010-08-25 apache tricks from perishablepress. also a no-www fix from jstnryan
257 ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
258
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
259 # CSS and JavaScript
96d7b264 » mdonoughe
2011-04-07 change the source htaccess rather than updating it
260 ExpiresByType text/css "access plus 1 year"
261 ExpiresByType application/javascript "access plus 1 year"
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
262
55495513 » ashnur
2011-01-24 Bugfix. Header directive appeared without IfModule mod_headers.c caus…
263 <IfModule mod_headers.c>
264 Header append Cache-Control "public"
265 </IfModule>
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
266
937fcf29 » paulirish
2010-05-20 updated htaccess. expires headers are better. better compression. mor…
267 </IfModule>
1ca728c0 » paulirish
2010-06-03 p3p header for cookieable iframes (IE)
268
269
270
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
271 # ----------------------------------------------------------------------
272 # ETag removal
273 # ----------------------------------------------------------------------
9b5d916a » jdbartlett
2010-07-22 Make sure mod_deflate is enabled before attempting to use it.
274
9ee01e94 » shichuan
2011-05-19 moved ETag removal configs closer
275 # FileETag None is not enough for every server.
276 <IfModule mod_headers.c>
277 Header unset ETag
278 </IfModule>
279
f5bc803f » jdbartlett
2010-07-23 Updated FileEtag directive per paulirish's comment here:
280 # Since we're sending far-future expires, we don't need ETags for
281 # static content.
f33a07d3 » paulirish
2010-08-09 removing http:// from doc urls
282 # developer.yahoo.com/performance/rules.html#etags
f5bc803f » jdbartlett
2010-07-23 Updated FileEtag directive per paulirish's comment here:
283 FileETag None
08b77686 » jdbartlett
2010-07-22 Get your inodes the heck out of my ETags!
284
285
286
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
287 # ----------------------------------------------------------------------
288 # Stop screen flicker in IE on CSS rollovers
289 # ----------------------------------------------------------------------
290
291 # The following directives stop screen flicker in IE on CSS rollovers - in
292 # combination with the "ExpiresByType" rules for images (see above). If
293 # needed, un-comment the following rules.
294
295 # BrowserMatch "MSIE" brokenvary=1
296 # BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
297 # BrowserMatch "Opera" !brokenvary
298 # SetEnvIf brokenvary 1 force-no-vary
299
300
301
302 # ----------------------------------------------------------------------
303 # Cookie setting from iframes
304 # ----------------------------------------------------------------------
08b77686 » jdbartlett
2010-07-22 Get your inodes the heck out of my ETags!
305
401889b1 » paulirish
2010-07-16 apache config notes for iframe cookies
306 # Allow cookies to be set from iframes (for IE only)
307 # If needed, uncomment and specify a path or regex in the Location directive
308
309 # <IfModule mod_headers.c>
310 # <Location />
154f5e11 » paulirish
2010-08-13 escaping fix in p3p section. (thx daniel harttman). fixed otfS typo. …
311 # Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
401889b1 » paulirish
2010-07-16 apache config notes for iframe cookies
312 # </Location>
313 # </IfModule>
1ca728c0 » paulirish
2010-06-03 p3p header for cookieable iframes (IE)
314
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
315
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
316
317 # ----------------------------------------------------------------------
318 # Start rewrite engine
319 # ----------------------------------------------------------------------
320
321 # Turning on the rewrite engine is necessary for the following rules and features.
2833b899 » mathiasbynens
2011-05-07 Add `Options +FollowSymlinks` when `RewriteEngine` is used. Fixes #489.
322 # FollowSymLinks must be enabled for this to work.
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
323
7827a908 » paulirish
2010-08-19 nerfing the rewrite rules with ifModule. thx meander
324 <IfModule mod_rewrite.c>
2833b899 » mathiasbynens
2011-05-07 Add `Options +FollowSymlinks` when `RewriteEngine` is used. Fixes #489.
325 Options +FollowSymlinks
7827a908 » paulirish
2010-08-19 nerfing the rewrite rules with ifModule. thx meander
326 RewriteEngine On
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
327 </IfModule>
328
329
330
331 # ----------------------------------------------------------------------
332 # Suppress or force the "www." at the beginning of URLs
333 # ----------------------------------------------------------------------
334
335 # The same content should never be available under two different URLs - especially not with and
336 # without "www." at the beginning, since this can cause SEO problems (duplicate content).
337 # That's why you should choose one of the alternatives and redirect the other one.
338
339 # By default option 1 (no "www.") is activated. Remember: Shorter URLs are sexier.
340 # no-www.org/faq.php?q=class_b
341
342 # If you rather want to use option 2, just comment out all option 1 lines
343 # and uncomment option 2.
344 # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
345
346 # ----------------------------------------------------------------------
347
348 # Option 1:
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
349 # Rewrite "www.example.com -> example.com"
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
350
351 <IfModule mod_rewrite.c>
5a8f1285 » paulirish
2010-08-25 apache tricks from perishablepress. also a no-www fix from jstnryan
352 RewriteCond %{HTTPS} !=on
7827a908 » paulirish
2010-08-19 nerfing the rewrite rules with ifModule. thx meander
353 RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
00d8b845 » ngryman
2011-08-02 generic rewrite rules (working in virtual host context)
354 RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
7827a908 » paulirish
2010-08-19 nerfing the rewrite rules with ifModule. thx meander
355 </IfModule>
430ee899 » paulirish
2010-08-09 forward www.example.com to example.com by default.
356
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
357 # ----------------------------------------------------------------------
358
359 # Option 2:
c72a81c5 » mathiasbynens
2011-07-20 Use example.com instead of domain.com, as per RFC 2606. Fixes #613.
360 # To rewrite "example.com -> www.example.com" uncomment the following lines.
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
361 # Be aware that the following rule might not be a good idea if you
362 # use "real" subdomains for certain parts of your website.
363
364 # <IfModule mod_rewrite.c>
365 # RewriteCond %{HTTPS} !=on
366 # RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
00d8b845 » ngryman
2011-08-02 generic rewrite rules (working in virtual host context)
367 # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
368 # </IfModule>
369
370
371
372 # ----------------------------------------------------------------------
e81479ba » paulirish
2011-03-05 add filename revving mapped to real asset into htaccess. (disabled by…
373 # Built-in filename-based cache busting
374 # ----------------------------------------------------------------------
375
376 # If you're not using the build script to manage your filename version revving,
377 # you might want to consider enabling this, which will route requests for
caeb9138 » MarceI
2011-03-07 Description corrections for "Built-in filename-based cache busting" s…
378 # /css/style.20110203.css to /css/style.css
e81479ba » paulirish
2011-03-05 add filename revving mapped to real asset into htaccess. (disabled by…
379
380 # To understand why this is important and a better idea than all.css?v1231,
4a69c416 » necolas
2011-11-04 Update urls in .htaccess to reference the new repo and wiki locations
381 # read: github.com/h5bp/html5-boilerplate/wiki/Version-Control-with-Cachebusting
e81479ba » paulirish
2011-03-05 add filename revving mapped to real asset into htaccess. (disabled by…
382
383 # Uncomment to enable.
384 # <IfModule mod_rewrite.c>
385 # RewriteCond %{REQUEST_FILENAME} !-f
386 # RewriteCond %{REQUEST_FILENAME} !-d
387 # RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
388 # </IfModule>
389
390
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
391
e81479ba » paulirish
2011-03-05 add filename revving mapped to real asset into htaccess. (disabled by…
392 # ----------------------------------------------------------------------
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
393 # Prevent SSL cert warnings
394 # ----------------------------------------------------------------------
395
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
396 # Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent
c72a81c5 » mathiasbynens
2011-07-20 Use example.com instead of domain.com, as per RFC 2606. Fixes #613.
397 # https://www.example.com when your cert only allows https://secure.example.com
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
398 # Uncomment the following lines to use this feature.
399
400 # <IfModule mod_rewrite.c>
401 # RewriteCond %{SERVER_PORT} !^443
00d8b845 » ngryman
2011-08-02 generic rewrite rules (working in virtual host context)
402 # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L]
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
403 # </IfModule>
404
405
406
407 # ----------------------------------------------------------------------
408 # Prevent 404 errors for non-existing redirected folders
409 # ----------------------------------------------------------------------
410
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
411 # without -MultiViews, Apache will give a 404 for a rewrite if a folder of the same name does not exist
6ce800b6 » paulirish
2010-09-07 tweaks to avoid apache errors a bit more.
412 # e.g. /blog/hello : webmasterworld.com/apache/3808792.htm
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
413
b44a12d7 » mathiasbynens
2011-08-14 Enable gzip compression for favicons. Closes #684.
414 Options -MultiViews
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
415
416
417
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
418 # ----------------------------------------------------------------------
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
419 # Custom 404 page
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
420 # ----------------------------------------------------------------------
421
3a41223d » paulirish
2011-02-11 note: you can add page handlers for 500, 403 errors easily. fixes #299
422 # You can add custom pages to handle 500 or 403 pretty easily, if you like.
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
423 ErrorDocument 404 /404.html
424
425
426
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
427 # ----------------------------------------------------------------------
428 # UTF-8 encoding
429 # ----------------------------------------------------------------------
430
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
431 # Use UTF-8 encoding for anything served text/plain or text/html
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
432 AddDefaultCharset utf-8
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
433
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
434 # Force UTF-8 for a number of file formats
acdae817 » Phize
2011-07-22 add settings for Atom.
435 AddCharset utf-8 .html .css .js .xml .json .rss .atom
0b140cf1 » paulirish
2010-07-29 404 document. lots of .htaccess work
436
437
438
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
439 # ----------------------------------------------------------------------
440 # A little more security
441 # ----------------------------------------------------------------------
442
5a8f1285 » paulirish
2010-08-25 apache tricks from perishablepress. also a no-www fix from jstnryan
443
4ab1c3d3 » paulirish
2011-01-05 ServerTokens Prod added to htaccess. thx alrra.
444 # Do we want to advertise the exact version number of Apache we're running?
445 # Probably not.
4971aa0a » paulirish
2011-01-14 servertokens doesnt work in .htaccess.. only httpd.conf.
446 ## This can only be enabled if used in httpd.conf - It will not work in .htaccess
447 # ServerTokens Prod
4ab1c3d3 » paulirish
2011-01-05 ServerTokens Prod added to htaccess. thx alrra.
448
449
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
450 # "-Indexes" will have Apache block users from browsing folders without a default document
63d8a6ca » paulirish
2010-12-13 tightening up michael van laar's apache changes
451 # Usually you should leave this activated, because you shouldn't allow everybody to surf through
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
452 # every folder on your server (which includes rather private places like CMS system folders).
85d8cc0a » mathiasbynens
2011-08-11 Check if mod_autoindex.c is available before disabling the Indexes op…
453 <IfModule mod_autoindex.c>
454 Options -Indexes
455 </IfModule>
63d8a6ca » paulirish
2010-12-13 tightening up michael van laar's apache changes
456
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
457
78f4ec55 » paulirish
2011-01-23 htaccess: block access to .git and .svn folders.
458 # Block access to "hidden" directories whose names begin with a period. This
459 # includes directories used by version control systems such as Subversion or Git.
460 <IfModule mod_rewrite.c>
a835a4db » lukeb
2011-11-30 Requests shouldn't fail if the file or directory beginning with a per…
461 RewriteCond %{SCRIPT_FILENAME} -d
462 RewriteCond %{SCRIPT_FILENAME} -f
78f4ec55 » paulirish
2011-01-23 htaccess: block access to .git and .svn folders.
463 RewriteRule "(^|/)\." - [F]
464 </IfModule>
465
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
466
8b634157 » mikealmond
2011-11-07 Block access to backup/source/config files. Fixes issue #648
467 # Block access to backup and source files
468 # This files may be left by some text/html editors and
469 # pose a great security danger, when someone can access them
470 <FilesMatch ".(bak|config|sql|fla|psd|ini|log|sh|inc|~|swp)$">
471 Order allow,deny
472 Deny from all
473 Satisfy All
474 </FilesMatch>
475
476
94712def » MichaelvanLaar
2010-12-07 .htaccess: some additional features and more structure for easier rea…
477 # If your server is not already configured as such, the following directive
478 # should be uncommented in order to set PHP's register_globals option to OFF.
479 # This closes a major security hole that is abused by most XSS (cross-site
480 # scripting) attacks. For more information: http://php.net/register_globals
481 #
482 # IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS :
483 #
484 # Your server does not allow PHP directives to be set via .htaccess. In that
485 # case you must make this change in your php.ini file instead. If you are
486 # using a commercial web host, contact the administrators for assistance in
487 # doing this. Not all servers allow local php.ini files, and they should
488 # include all PHP configurations (not just this one), or you will effectively
489 # reset everything to PHP defaults. Consult www.php.net for more detailed
490 # information about setting PHP directives.
491
63d8a6ca » paulirish
2010-12-13 tightening up michael van laar's apache changes
492 # php_flag register_globals Off
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
493
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
494 # Rename session cookie to something else, than PHPSESSID
61557bbe » slavic
2011-04-21 some more security for php
495 # php_value session.name sid
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
496
e13f5c4b » mathiasbynens
2011-08-09 Add a note saying `php_flag expose_php Off` should be moved to `php.i…
497 # Do not show you are using PHP
498 # Note: Move this line to php.ini since it won't work in .htaccess
61557bbe » slavic
2011-04-21 some more security for php
499 # php_flag expose_php Off
63d8a6ca » paulirish
2010-12-13 tightening up michael van laar's apache changes
500
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
501 # Level of log detail - log all errors
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
502 # php_value error_reporting -1
503
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
504 # Write errors to log file
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
505 # php_flag log_errors On
506
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
507 # Do not display errors in browser (production - Off, development - On)
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
508 # php_flag display_errors Off
509
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
510 # Do not display startup errors (production - Off, development - On)
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
511 # php_flag display_startup_errors Off
512
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
513 # Format errors in plain text
6fee66d7 » paulirish
2011-07-23 more docs for php_flag html_errors Off. thx @leek. fixes #622
514 # Note: Leave this setting 'On' for xdebug's var_dump() output
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
515 # php_flag html_errors Off
516
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
517 # Show multiple occurrence of error
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
518 # php_flag ignore_repeated_errors Off
519
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
520 # Show same errors from different sources
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
521 # php_flag ignore_repeated_source Off
522
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
523 # Size limit for error messages
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
524 # php_value log_errors_max_len 1024
525
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
526 # Don't precede error with string (doesn't accept empty string, use whitespace if you need)
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
527 # php_value error_prepend_string " "
528
bfe9a840 » disusered
2011-06-20 Modified htaccess for consistent capitalization and comment style
529 # Don't prepend to error (doesn't accept empty string, use whitespace if you need)
1a398b3e » slavic
2011-04-21 some more security for php - turn off error display and turn on error…
530 # php_value error_append_string " "
531
edf9c3fb » codler
2011-03-29 httponly
532 # Increase cookie security
533 <IfModule php5_module>
85d8cc0a » mathiasbynens
2011-08-11 Check if mod_autoindex.c is available before disabling the Indexes op…
534 php_value session.cookie_httponly true
acdae817 » Phize
2011-07-22 add settings for Atom.
535 </IfModule>
Something went wrong with that request. Please try again.