content/.htaccess


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

# Extra Security Headers
<IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options nosniff
    # DISABLE CACHING
    # Header set Cache-Control "no-cache, no-store, must-revalidate"
    # Header set Pragma "no-cache"
    # Header set Expires 0
</IfModule>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # Rewrite HTTP to HTTPS
    RewriteCond %{HTTPS} !=on
    RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>

ErrorDocument 404 /404.html

# BEGIN EXPIRES
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/plain "access plus 1 minute"
    ExpiresByType text/vtt "access plus 1 year"
    ExpiresByType text/css "access plus 1 year"
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/html "access plus 600 seconds"
    ExpiresDefault "access plus 1 year"
</IfModule>
# END EXPIRES