Diff: STRATO-apps/wordpress_03/app/.htaccess_back_692f0f804f1f7

Keine Baseline-Datei – Diff nur gegen leer.
Baseline Vorherige Version
Zur Liste
1 -
1 + # BEGIN WordPress
2 + # Die Anweisungen (Zeilen) zwischen „BEGIN WordPress“ und „END WordPress“ sind
3 + # dynamisch generiert und sollten nur über WordPress-Filter geändert werden.
4 + # Alle Änderungen an den Anweisungen zwischen diesen Markierungen werden überschrieben.
5 + <IfModule mod_rewrite.c>
6 + RewriteEngine On
7 + RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
8 + RewriteBase /
9 + RewriteRule ^index\.php$ - [L]
10 + RewriteCond %{REQUEST_FILENAME} !-f
11 + RewriteCond %{REQUEST_FILENAME} !-d
12 + RewriteRule . /index.php [L]
13 + </IfModule>
14 +
15 + # END WordPress
16 +
17 +
18 + # BEGIN WP Rocket
19 + # Use UTF-8 encoding for anything served text/plain or text/html
20 + AddDefaultCharset UTF-8
21 + # Force UTF-8 for a number of file formats
22 + <IfModule mod_mime.c>
23 + AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
24 + </IfModule>
25 +
26 + # FileETag None is not enough for every server.
27 + <IfModule mod_headers.c>
28 + Header unset ETag
29 + </IfModule>
30 +
31 + # Since we’re sending far-future expires, we don’t need ETags for static content.
32 + # developer.yahoo.com/performance/rules.html#etags
33 + FileETag None
34 +
35 + <IfModule mod_alias.c>
36 + <FilesMatch "\.(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
37 + <IfModule mod_headers.c>
38 + Header set X-Powered-By "WP Rocket/3.20.1.1"
39 + Header unset Pragma
40 + Header append Cache-Control "public"
41 + Header unset Last-Modified
42 + </IfModule>
43 + </FilesMatch>
44 +
45 + <FilesMatch "\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$">
46 + <IfModule mod_headers.c>
47 + Header unset Pragma
48 + Header append Cache-Control "public"
49 + </IfModule>
50 + </FilesMatch>
51 + </IfModule>
52 +
53 + <IfModule mod_mime.c>
54 + AddType image/avif avif
55 + AddType image/avif-sequence avifs
56 + </IfModule>
57 + # Expires headers (for better cache control)
58 + <IfModule mod_expires.c>
59 + ExpiresActive on
60 + ExpiresDefault "access plus 1 month"
61 + # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
62 + ExpiresByType text/cache-manifest "access plus 0 seconds"
63 + # Your document html
64 + ExpiresByType text/html "access plus 0 seconds"
65 + # Data
66 + ExpiresByType text/xml "access plus 0 seconds"
67 + ExpiresByType application/xml "access plus 0 seconds"
68 + ExpiresByType application/json "access plus 0 seconds"
69 + # Feed
70 + ExpiresByType application/rss+xml "access plus 1 hour"
71 + ExpiresByType application/atom+xml "access plus 1 hour"
72 + # Favicon (cannot be renamed)
73 + ExpiresByType image/x-icon "access plus 1 week"
74 + # Media: images, video, audio
75 + ExpiresByType image/gif "access plus 4 months"
76 + ExpiresByType image/png "access plus 4 months"
77 + ExpiresByType image/jpeg "access plus 4 months"
78 + ExpiresByType image/webp "access plus 4 months"
79 + ExpiresByType video/ogg "access plus 4 months"
80 + ExpiresByType audio/ogg "access plus 4 months"
81 + ExpiresByType video/mp4 "access plus 4 months"
82 + ExpiresByType video/webm "access plus 4 months"
83 + ExpiresByType image/avif "access plus 4 months"
84 + ExpiresByType image/avif-sequence "access plus 4 months"
85 + # HTC files (css3pie)
86 + ExpiresByType text/x-component "access plus 1 month"
87 + # Webfonts
88 + ExpiresByType font/ttf "access plus 4 months"
89 + ExpiresByType font/otf "access plus 4 months"
90 + ExpiresByType font/woff "access plus 4 months"
91 + ExpiresByType font/woff2 "access plus 4 months"
92 + ExpiresByType image/svg+xml "access plus 4 months"
93 + ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
94 + # CSS and JavaScript
95 + ExpiresByType text/css "access plus 1 year"
96 + ExpiresByType application/javascript "access plus 1 year"
97 + </IfModule>
98 + # Gzip compression
99 + <IfModule mod_deflate.c>
100 + # Active compression
101 + SetOutputFilter DEFLATE
102 + # Force deflate for mangled headers
103 + <IfModule mod_setenvif.c>
104 + <IfModule mod_headers.c>
105 + SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
106 + RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
107 + # Don’t compress images and other uncompressible content
108 + SetEnvIfNoCase Request_URI \
109 + \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary
110 + </IfModule>
111 + </IfModule>
112 +
113 + # Compress all output labeled with one of the following MIME-types
114 + <IfModule mod_filter.c>
115 + AddOutputFilterByType DEFLATE application/atom+xml \
116 + application/javascript \
117 + application/json \
118 + application/rss+xml \
119 + application/vnd.ms-fontobject \
120 + application/x-font-ttf \
121 + application/xhtml+xml \
122 + application/xml \
123 + font/opentype \
124 + image/svg+xml \
125 + image/x-icon \
126 + text/css \
127 + text/html \
128 + text/plain \
129 + text/x-component \
130 + text/xml
131 + </IfModule>
132 + <IfModule mod_headers.c>
133 + Header append Vary: Accept-Encoding
134 + </IfModule>
135 + </IfModule>
136 +
137 + <IfModule mod_mime.c>
138 + AddType text/html .html_gzip
139 + AddEncoding gzip .html_gzip
140 + </IfModule>
141 + <IfModule mod_setenvif.c>
142 + SetEnvIfNoCase Request_URI \.html_gzip$ no-gzip
143 + </IfModule>
144 +
145 + <IfModule mod_rewrite.c>
146 + RewriteEngine On
147 + RewriteBase /
148 + RewriteCond %{HTTPS} on [OR]
149 + RewriteCond %{SERVER_PORT} ^443$ [OR]
150 + RewriteCond %{HTTP:X-Forwarded-Proto} https
151 + RewriteRule .* - [E=WPR_SSL:-https]
152 + RewriteCond %{HTTP:Accept-Encoding} gzip
153 + RewriteRule .* - [E=WPR_ENC:_gzip]
154 + RewriteCond %{REQUEST_METHOD} GET
155 + RewriteCond %{QUERY_STRING} =""
156 + RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_|tutor_user_|wordpress_logged_in_.+|wp-postpass_|wptouch_switch_toggle|comment_author_|comment_author_email_) [NC]
157 + RewriteCond %{REQUEST_URI} !^(/|/(?:.+/)?feed(?:/(?:.+/?)?)?$|/(?:.+/)?embed/|/(index.php/)?(.*)wp-json(/.*|$))$ [NC]
158 + RewriteCond %{HTTP:X-Wap-Profile} !^[a-z0-9\"]+ [NC]
159 + RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
160 + RewriteCond %{HTTP_USER_AGENT} !^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).* [NC]
161 + RewriteCond %{HTTP_USER_AGENT} !^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).* [NC]
162 + RewriteCond %{HTTP_USER_AGENT} !^(facebookexternalhit|WhatsApp).* [NC]
163 + RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" -f
164 + RewriteRule .* "/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" [L]
165 + </IfModule>
166 +
167 + # END WP Rocket
168 +
169 +
170 + # BEGIN Security
171 + <IfModule mod_rewrite.c>
172 + RewriteEngine On
173 + Header always set X-Frame-Options "SAMEORIGIN"
174 + Header always set X-Content-Type-Options "nosniff"
175 + Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
176 + Header always set Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';"
177 + Header always set Referrer-Policy "strict-origin-when-cross-origin"
178 + Header always set X-XSS-Protection "1; mode=block"
179 + RewriteBase /
180 + RewriteRule ^wp-admin/includes/ - [F,L]
181 + RewriteRule !^wp-includes/ - [S=3]
182 + RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
183 + RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
184 + RewriteRule ^wp-includes/theme-compat/ - [F,L]
185 + </IfModule>
186 +
187 + <Files wp-config.php>
188 + <IfModule !mod_authz_core.c>
189 + order allow,deny
190 + deny from all
191 + </IfModule>
192 + <IfModule mod_authz_core.c>
193 + require all denied
194 + </IfModule>
195 + </Files>
196 + # END Security