Преглед на файлове
🔀 Switch to HTTPS if HTTP request
Also copy a bunch of headers from another .htaccessmaster
променени са 1 файла, в които са добавени 57 реда и са изтрити 0 реда
+ 57
- 0
theme/root/.htaccess
Целия файл
| @@ -0,0 +1,57 @@ | |||
| AddType image/x-icon .ico | |||
| AddType font/truetype .ttf | |||
| AddType application/x-font-woff .woff | |||
| AddType application/x-font-woff2 .woff2 | |||
| AddType video/mp4 .m4v | |||
| AddType video/webm .webm | |||
| AddDefaultCharset utf-8 | |||
| AddHandler cgi-script .py | |||
| Options All -Indexes +ExecCGI | |||
| DirectoryIndex index.html index.xml index.py | |||
| ExpiresActive On | |||
| ExpiresDefault "access plus 2 hours" | |||
| ExpiresByType text/html "access plus 2 hours" | |||
| ExpiresByType image/ico "access plus 1 year" | |||
| ExpiresByType image/icon "access plus 1 year" | |||
| ExpiresByType image/x-icon "access plus 1 year" | |||
| ExpiresByType image/jpg "access plus 1 year" | |||
| ExpiresByType image/jpeg "access plus 1 year" | |||
| ExpiresByType image/png "access plus 1 year" | |||
| ExpiresByType image/gif "access plus 1 year" | |||
| ExpiresByType text/css "access plus 1 month" | |||
| ExpiresByType application/javascript "access plus 1 month" | |||
| ExpiresByType font/truetype "access plus 1 year" | |||
| ExpiresByType application/x-font-woff "access plus 1 year" | |||
| ExpiresByType application/x-font-woff2 "access plus 1 year" | |||
| <FilesMatch "\\.(html|htm|xml)$"> | |||
| Header set Cache-Control "max-age=7200, public" | |||
| </FilesMatch> | |||
| <FilesMatch "\\.(ico|jpeg|jpg|png|gif)$"> | |||
| Header set Cache-Control "max-age=31536000, public" | |||
| </FilesMatch> | |||
| <FilesMatch "\\.(js|css)$"> | |||
| Header set Cache-Control "max-age=2592000, public" | |||
| </FilesMatch> | |||
| <FilesMatch "\\.(ttf|woff|woff2)$"> | |||
| Header set Cache-Control "max-age=31536000, public" | |||
| </FilesMatch> | |||
| Header always set Strict-Transport-Security "max-age=31536000; preload" | |||
| Header always set X-Frame-Options SAMEORIGIN | |||
| Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src *" | |||
| Header always set X-Content-Type-Options nosniff | |||
| Header always set X-XSS-Protection "1; mode=block" | |||
| Header always set Referrer-Policy "origin" | |||
| Header unset ETag | |||
| Header unset Server | |||
| FileETag none | |||
| RewriteEngine On | |||
| RewriteCond %{HTTP:X-Forwarded-Proto} !https | |||
| RewriteCond %{SERVER_NAME} =media.larlet.fr | |||
| RewriteRule ^.* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] | |||
| Redirect 410 /wp-login.php | |||
Loading…