595ad8f2 by Jeff Balicki

qa

Signed-off-by: Jeff <jeff@gotenzing.com>
1 parent 92f1e125
Showing 1 changed file with 425 additions and 0 deletions
...@@ -2,6 +2,431 @@ ...@@ -2,6 +2,431 @@
2 ModPagespeed off 2 ModPagespeed off
3 </IfModule> 3 </IfModule>
4 4
5 # (!) Using `.htaccess` files slows down Apache, therefore, if you have access
6 # to the main server config file (usually called `httpd.conf`), you should add
7 # this logic there: http://httpd.apache.org/docs/current/howto/htaccess.html.
8
9 # ##############################################################################
10 # # CROSS-ORIGIN RESOURCE SHARING (CORS) #
11 # ##############################################################################
12
13 # ------------------------------------------------------------------------------
14 # | Cross-domain AJAX requests |
15 # ------------------------------------------------------------------------------
16
17 # Enable cross-origin AJAX requests.
18 # http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity
19 # http://enable-cors.org/
20
21 # <IfModule mod_headers.c>
22 # Header set Access-Control-Allow-Origin "*"
23 # </IfModule>
24
25 # ------------------------------------------------------------------------------
26 # | CORS-enabled images |
27 # ------------------------------------------------------------------------------
28
29 # Send the CORS header for images when browsers request it.
30 # https://developer.mozilla.org/en/CORS_Enabled_Image
31 # http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
32 # http://hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
33
34 <IfModule mod_setenvif.c>
35 <IfModule mod_headers.c>
36 <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
37 SetEnvIf Origin ":" IS_CORS
38 Header set Access-Control-Allow-Origin "*" env=IS_CORS
39 </FilesMatch>
40 </IfModule>
41 </IfModule>
42
43 # ------------------------------------------------------------------------------
44 # | Web fonts access |
45 # ------------------------------------------------------------------------------
46
47 # Allow access from all domains for web fonts
48
49 <IfModule mod_headers.c>
50 # <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">
51 Header set Access-Control-Allow-Origin "*"
52 # </FilesMatch>
53 </IfModule>
54
55
56 # ##############################################################################
57 # # ERRORS #
58 # ##############################################################################
59
60 # ------------------------------------------------------------------------------
61 # | 404 error prevention for non-existing redirected folders |
62 # ------------------------------------------------------------------------------
63
64 # Prevent Apache from returning a 404 error for a rewrite if a directory
65 # with the same name does not exist.
66 # http://httpd.apache.org/docs/current/content-negotiation.html#multiviews
67 # http://www.webmasterworld.com/apache/3808792.htm
68
69 Options -MultiViews
70
71
72 # ##############################################################################
73 # # INTERNET EXPLORER #
74 # ##############################################################################
75
76 # ------------------------------------------------------------------------------
77 # | Better website experience |
78 # ------------------------------------------------------------------------------
79
80 # Force IE to render pages in the highest available mode in the various
81 # cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf.
82 # Use, if installed, Google Chrome Frame.
83
84 <IfModule mod_headers.c>
85 Header set X-UA-Compatible "IE=edge,chrome=1"
86 # `mod_headers` can't match based on the content-type, however, we only
87 # want to send this header for HTML pages and not for the other resources
88 <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$">
89 Header unset X-UA-Compatible
90 </FilesMatch>
91 </IfModule>
92
93
94 # ##############################################################################
95 # # MIME TYPES AND ENCODING #
96 # ##############################################################################
97
98 # ------------------------------------------------------------------------------
99 # | Proper MIME types for all files |
100 # ------------------------------------------------------------------------------
101
102 <IfModule mod_mime.c>
103
104 # Audio
105 AddType audio/mp4 m4a f4a f4b
106 AddType audio/ogg oga ogg
107
108 # JavaScript
109 # Normalize to standard type (it's sniffed in IE anyways):
110 # http://tools.ietf.org/html/rfc4329#section-7.2
111 AddType application/javascript js jsonp
112 AddType application/json json
113
114 # Video
115 AddType video/mp4 mp4 m4v f4v f4p
116 AddType video/ogg ogv
117 AddType video/webm webm
118 AddType video/x-flv flv
119
120 # Web fonts
121 AddType application/font-woff woff
122 AddType application/vnd.ms-fontobject eot
123
124 # Browsers usually ignore the font MIME types and sniff the content,
125 # however, Chrome shows a warning if other MIME types are used for the
126 # following fonts.
127 AddType application/x-font-ttf ttc ttf
128 AddType font/opentype otf
129
130 # Make SVGZ fonts work on iPad:
131 # https://twitter.com/FontSquirrel/status/14855840545
132 AddType image/svg+xml svg svgz
133 AddEncoding gzip svgz
134
135 # Other
136 AddType application/octet-stream safariextz
137 AddType application/x-chrome-extension crx
138 AddType application/x-opera-extension oex
139 AddType application/x-shockwave-flash swf
140 AddType application/x-web-app-manifest+json webapp
141 AddType application/x-xpinstall xpi
142 AddType application/xml atom rdf rss xml
143 AddType image/webp webp
144 AddType image/x-icon ico
145 AddType text/cache-manifest appcache manifest
146 AddType text/vtt vtt
147 AddType text/x-component htc
148 AddType text/x-vcard vcf
149
150 </IfModule>
151
152 # ------------------------------------------------------------------------------
153 # | UTF-8 encoding |
154 # ------------------------------------------------------------------------------
155
156 # Use UTF-8 encoding for anything served as `text/html` or `text/plain`.
157 AddDefaultCharset utf-8
158
159 # Force UTF-8 for certain file formats.
160 <IfModule mod_mime.c>
161 AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml
162 </IfModule>
163
164
165 # ##############################################################################
166 # # URL REWRITES #
167 # ##############################################################################
168
169 # ------------------------------------------------------------------------------
170 # | Rewrite engine |
171 # ------------------------------------------------------------------------------
172
173 # Turning on the rewrite engine and enabling the `FollowSymLinks` option is
174 # necessary for the following directives to work.
175
176 # If your web host doesn't allow the `FollowSymlinks` option, you may need to
177 # comment it out and use `Options +SymLinksIfOwnerMatch` but, be aware of the
178 # performance impact: http://httpd.apache.org/docs/current/misc/perf-tuning.html#symlinks
179
180 # Also, some cloud hosting services require `RewriteBase` to be set:
181 # http://www.rackspace.com/knowledge_center/frequently-asked-question/why-is-mod-rewrite-not-working-on-my-site
182
183 <IfModule mod_rewrite.c>
184 Options +FollowSymlinks
185 # Options +SymLinksIfOwnerMatch
186 RewriteEngine On
187 # RewriteBase /
188 </IfModule>
189
190 # ------------------------------------------------------------------------------
191 # | Suppressing / Forcing the "www." at the beginning of URLs |
192 # ------------------------------------------------------------------------------
193
194 # The same content should never be available under two different URLs especially
195 # not with and without "www." at the beginning. This can cause SEO problems
196 # (duplicate content), therefore, you should choose one of the alternatives and
197 # redirect the other one.
198
199 # By default option 1 (no "www.") is activated:
200 # http://no-www.org/faq.php?q=class_b
201
202 # If you'd prefer to use option 2, just comment out all the lines from option 1
203 # and uncomment the ones from option 2.
204
205 # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
206
207 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
208
209 # Option 1: rewrite www.example.com → example.com
210
211 #<IfModule mod_rewrite.c>
212 # RewriteCond %{HTTPS} !=on
213 # RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
214 # RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
215 #</IfModule>
216
217 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
218
219 # Option 2: rewrite example.com → www.example.com
220
221 # Be aware that the following might not be a good idea if you use "real"
222 # subdomains for certain parts of your website.
223
224 # <IfModule mod_rewrite.c>
225 # RewriteCond %{HTTPS} !=on
226 # RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
227 # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
228 # </IfModule>
229
230
231 # ##############################################################################
232 # # SECURITY #
233 # ##############################################################################
234
235 # ------------------------------------------------------------------------------
236 # | File access |
237 # ------------------------------------------------------------------------------
238
239 # Block access to directories without a default document.
240 # Usually you should leave this uncommented because you shouldn't allow anyone
241 # to surf through every directory on your server (which may include rather
242 # private places like the CMS's directories).
243
244 <IfModule mod_autoindex.c>
245 Options -Indexes
246 </IfModule>
247
248 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
249
250 # Block access to hidden files and directories.
251 # This includes directories used by version control systems such as Git and SVN.
252
253 #<IfModule mod_rewrite.c>
254 # RewriteCond %{SCRIPT_FILENAME} -d [OR]
255 # RewriteCond %{SCRIPT_FILENAME} -f
256 # RewriteRule "(^|/)\." - [F]
257 #</IfModule>
258
259 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
260
261 # Block access to backup and source files.
262 # These files may be left by some text editors and can pose a great security
263 # danger when anyone has access to them.
264
265 <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$">
266 Order allow,deny
267 Deny from all
268 Satisfy All
269 </FilesMatch>
270
271 # ------------------------------------------------------------------------------
272 # | Secure Sockets Layer (SSL) |
273 # ------------------------------------------------------------------------------
274
275 # Rewrite secure requests properly to prevent SSL certificate warnings, e.g.:
276 # prevent `https://www.example.com` when your certificate only allows
277 # `https://secure.example.com`.
278
279 # <IfModule mod_rewrite.c>
280 # RewriteCond %{SERVER_PORT} !^443
281 # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L]
282 # </IfModule>
283
284 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
285
286 # Force client-side SSL redirection.
287
288 # If a user types "example.com" in his browser, the above rule will redirect him
289 # to the secure version of the site. That still leaves a window of opportunity
290 # (the initial HTTP connection) for an attacker to downgrade or redirect the
291 # request. The following header ensures that browser will ONLY connect to your
292 # server via HTTPS, regardless of what the users type in the address bar.
293 # http://www.html5rocks.com/en/tutorials/security/transport-layer-security/
294
295 # <IfModule mod_headers.c>
296 # Header set Strict-Transport-Security max-age=16070400;
297 # </IfModule>
298
299 # ------------------------------------------------------------------------------
300 # | Server software information |
301 # ------------------------------------------------------------------------------
302
303 # Avoid displaying the exact Apache version number, the description of the
304 # generic OS-type and the information about Apache's compiled-in modules.
305
306 # ADD THIS DIRECTIVE IN THE `httpd.conf` AS IT WILL NOT WORK IN THE `.htaccess`!
307
308 # ServerTokens Prod
309
310
311 # ##############################################################################
312 # # WEB PERFORMANCE #
313 # ##############################################################################
314
315 # ------------------------------------------------------------------------------
316 # | Compression |
317 # ------------------------------------------------------------------------------
318
319 <IfModule mod_deflate.c>
320
321 # Force compression for mangled headers.
322 # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping
323 <IfModule mod_setenvif.c>
324 <IfModule mod_headers.c>
325 SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
326 RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
327 </IfModule>
328 </IfModule>
329
330 # Compress all output labeled with one of the following MIME-types
331 # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
332 # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines
333 # as `AddOutputFilterByType` is still in the core directives).
334 <IfModule mod_filter.c>
335 AddOutputFilterByType DEFLATE application/atom+xml \
336 application/javascript \
337 application/json \
338 application/rss+xml \
339 application/vnd.ms-fontobject \
340 application/x-font-ttf \
341 application/x-web-app-manifest+json \
342 application/xhtml+xml \
343 application/xml \
344 font/opentype \
345 image/svg+xml \
346 image/x-icon \
347 text/css \
348 text/html \
349 text/plain \
350 text/x-component \
351 text/xml
352 </IfModule>
353
354 </IfModule>
355
356 # ------------------------------------------------------------------------------
357 # | ETag removal |
358 # ------------------------------------------------------------------------------
359
360 # Since we're sending far-future expires headers (see below), ETags can
361 # be removed: http://developer.yahoo.com/performance/rules.html#etags.
362
363 # `FileETag None` is not enough for every server.
364 <IfModule mod_headers.c>
365 Header unset ETag
366 </IfModule>
367
368 FileETag None
369
370 # ------------------------------------------------------------------------------
371 # | Expires headers (for better cache control) |
372 # ------------------------------------------------------------------------------
373
374 # The following expires headers are set pretty far in the future. If you don't
375 # control versioning with filename-based cache busting, consider lowering the
376 # cache time for resources like CSS and JS to something like 1 week.
377
378 <IfModule mod_expires.c>
379
380 ExpiresActive on
381 ExpiresDefault "access plus 1 month"
382
383 # CSS
384 ExpiresByType text/css "access plus 1 year"
385
386 # Data interchange
387 ExpiresByType application/json "access plus 0 seconds"
388 ExpiresByType application/xml "access plus 0 seconds"
389 ExpiresByType text/xml "access plus 0 seconds"
390
391 # Favicon (cannot be renamed!)
392 ExpiresByType image/x-icon "access plus 1 week"
393
394 # HTML components (HTCs)
395 ExpiresByType text/x-component "access plus 1 month"
396
397 # HTML
398 ExpiresByType text/html "access plus 0 seconds"
399
400 # JavaScript
401 ExpiresByType application/javascript "access plus 1 year"
402
403 # Manifest files
404 ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
405 ExpiresByType text/cache-manifest "access plus 0 seconds"
406
407 # Media
408 ExpiresByType audio/ogg "access plus 1 year"
409 ExpiresByType image/gif "access plus 1 year"
410 ExpiresByType image/jpeg "access plus 1 year"
411 ExpiresByType image/png "access plus 1 year"
412 ExpiresByType video/mp4 "access plus 1 year"
413 ExpiresByType video/ogg "access plus 1 year"
414 ExpiresByType video/webm "access plus 1 year"
415
416 # Web feeds
417 ExpiresByType application/atom+xml "access plus 1 hour"
418 ExpiresByType application/rss+xml "access plus 1 hour"
419
420 # Web fonts
421 ExpiresByType application/font-woff "access plus 1 year"
422 ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
423 ExpiresByType application/x-font-ttf "access plus 1 year"
424 ExpiresByType font/opentype "access plus 1 year"
425 ExpiresByType image/svg+xml "access plus 1 year"
426
427 </IfModule>
428
429
5 # BEGIN WordPress 430 # BEGIN WordPress
6 <IfModule mod_rewrite.c> 431 <IfModule mod_rewrite.c>
7 RewriteEngine On 432 RewriteEngine On
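Review bot: In the "Web fonts access" block the `<FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">` and `</FilesMatch>` lines are commented out while `Header set Access-Control-Allow-Origin "*"` between them is live, so the wildcard CORS header is sent on every response this file governs rather than only on font files. That lets any origin read whatever the site serves without credentials, which presumably includes the WordPress output handled by the rules that follow (that block continues outside the hunk); uncommenting the two `FilesMatch` lines restores the font-only scope. The "Block access to hidden files and directories" rewrite block is also added commented out, so this file does nothing to stop requests for dot-directories such as `.git`; if that is not handled elsewhere, enable it. The backup-file block uses `Order allow,deny` / `Deny from all` / `Satisfy All`, which is Apache 2.2 syntax and needs `mod_access_compat` on 2.4, where `Require all denied` is the native form; the server version is not visible here, so confirm which applies.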