-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path.htaccess
272 lines (229 loc) · 11.4 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
AddDefaultCharset UTF-8
ErrorDocument 404 /404
ErrorDocument 401 /password.php
RewriteEngine on
# WebP
<IfModule mod_rewrite.c>
# Check if browser supports WebP images
RewriteCond %{HTTP_ACCEPT} image/webp
# Check if WebP replacement image exists
RewriteCond %{DOCUMENT_ROOT}/$1.webp -f
# Serve WebP image instead
RewriteRule (.+)\.(jpe?g|png)$ $1.webp [T=image/webp,E=REQUEST_image]
</IfModule>
<IfModule mod_headers.c>
# Vary: Accept for all the requests to jpeg and png
Header append Vary Accept env=REQUEST_image
</IfModule>
<IfModule mod_mime.c>
AddType image/webp .webp
</IfModule>
# Smarty Minify
<FilesMatch "(js|css).gz[1-9]$">
<IfModule mod_headers.c>
Header set Content-Encoding: gzip
</IfModule>
<FilesMatch "css.gz[1-9]$">
ForceType text/css
</FilesMatch>
<FilesMatch "js.gz[1-9]$">
ForceType text/javascript
</FilesMatch>
</FilesMatch>
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteRule ^cache/minify/(.+).gz([1-9])$ gzip/gzip.php [L,END]
# Cache
<IfModule mod_expires.c>
<filesmatch "\.(jpg|jpeg|png|gif|js|css|swf|ico|pdf|webp|jp2|jxr|woff|woff2)$">
ExpiresActive on
ExpiresDefault "access plus 1 year"
</filesmatch>
</IfModule>
# Cache Control
<IfModule mod_headers.c>
<filesMatch "\.(ico|pdf|jpg|jpeg|png|gif|swf|css|js|webp|jp2|jxr)$">
Header set Cache-Control "max-age=31536000, public"
</filesMatch>
</IfModule>
<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.js$
mod_gzip_item_include file \.css$
mod_gzip_item_include mime ^application/x-font-woff.*
mod_gzip_item_include mime ^application/x-font-woff2.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
# Gzip
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE application/javascript text/javascript application/x-javascript text/css application/x-font-woff application/x-font-woff2
<IfModule mod_setenvif.c>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IfModule>
<FilesMatch "\.(ttf|woff|woff2|otf|eot|svg)$" >
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
# Google PageSpeed Insights
<IfModule pagespeed_module>
ModPagespeed on
ModPagespeedRewriteLevel CoreFilters
ModPagespeedEnableFilters make_google_analytics_async
ModPagespeedEnableFilters prioritize_critical_css
ModPagespeedEnableFilters sprite_images
ModPagespeedEnableFilters convert_png_to_jpeg,convert_jpeg_to_webp
ModPagespeedEnableFilters collapse_whitespace
</IfModule>
# Redirect with repeated slashes
RewriteCond %{REQUEST_URI} ^(.*?)/{2,}(.*?)$
RewriteRule . %1/%2 [L,R=301]
RewriteCond %{THE_REQUEST} //
RewriteRule .* /$0 [R=301,L]
# Redirect from slash at the end to without it
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} ^(.+)/$
RewriteRule ^(.+)/$ %1 [R=301,L]
# Redirect from page-1 to main page in friendly URL
RewriteCond %{REQUEST_URI} ^(.*)/page-1(?![0-9])(.*)$
RewriteRule ^(.*)$ %1%3 [R=301,L]
# Redirect from page=1 to the main page without friendly URL
RewriteCond %{QUERY_STRING} ^(.*)&?page=1(?![0-9])(.*)$
RewriteRule ^(.*)/?$ /$1?%1%3 [R=301,L]
# Redirect to HTTPS:
#RewriteCond %{HTTPS} =off
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Redirect from www to without www:
#RewriteCond %{HTTP_HOST} ^www\.(.*) [NC]
#RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
# Redirect from one domain to another:
#RewriteCond %{HTTP_HOST} old.com
#RewriteRule (.*) http://new.com/$1 [R=301,L]
# 301 page redirect:
#RewriteRule ^category/old-page.html$ category/new-page [R=301,NC,L]
# Admin panel /turbo
RewriteRule ^admin/?$ turbo [L]
# Search
RewriteRule ^([a-z]{2}/)?search/([^/]+)/?$ index.php?module=SearchView&keyword=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?search/?$ index.php?module=SearchView&lang_label=$1 [L,QSA]
# Blog
RewriteRule ^([a-z]{2}/)?blog/([^/]+)/?$ index.php?module=BlogView&url=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?blog/?$ index.php?module=BlogView&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?blog/([^/]+)/?$ index.php?module=BlogView&keyword_blog=$1&lang_label=$1 [L,QSA]
# Projects
RewriteRule ^([a-z]{2}/)?project/([^/]+)/?$ index.php?module=ProjectsView&project_url=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?projects/([^/]+)/?$ index.php?module=ProjectsView&category=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?projects/?$ index.php?module=ProjectsView&lang_label=$1 [L,QSA]
# Articles
RewriteRule ^([a-z]{2}/)?article/([^/]+)/?$ index.php?module=ArticlesView&article_url=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?articles/([^/]+)/?$ index.php?module=ArticlesView&category=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?articles/?$ index.php?module=ArticlesView&lang_label=$1 [L,QSA]
# For users
RewriteRule ^([a-z]{2}/)?user/login/?$ index.php?module=LoginView&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?user/register/?$ index.php?module=RegisterView&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?user/logout/?$ index.php?module=LoginView&action=logout&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?user/password_remind/?$ index.php?module=LoginView&action=password_remind&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?user/password_remind/([0-9a-z]+)/?$ index.php?module=LoginView&action=password_remind&code=$2&lang_label=$1 [L,QSA]
RewriteRule ^([a-z]{2}/)?user/?$ index.php?module=UserView&lang_label=$1 [L,QSA]
# Reviews
RewriteRule ^([a-z]{2}/)?reviews/?$ index.php?module=ReviewsView&lang_label=$1 [L,QSA]
# FAQ
RewriteRule ^([a-z]{2}/)?faq/?$ index.php?module=FAQView&lang_label=$1 [L,QSA]
# Google sitemap
RewriteRule ^([a-z]{2}/)?sitemap.xml?$ sitemap.php?lang_label=$1 [L,QSA]
# Sitemap
RewriteRule ^([a-z]{2}/)?sitemap/?$ index.php?module=SitemapView&lang_label=$1 [L,QSA]
# RSS
RewriteRule ^([a-z]{2}/)?rss.xml?$ rss.php?lang_label=$1 [L,QSA]
# Feedback
RewriteRule ^([a-z]{2}/)?contact/?$ index.php?module=FeedbackView&lang_label=$1 [L,QSA]
# Static pages
RewriteRule ^([a-z]{2}/?)?/?$ index.php?module=MainView&page_url=&lang_label=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2}/)?([^/]+)/?$ index.php?lang_label=$1&module=PageView&page_url=$2 [L,QSA]
# Static pages
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]*)/?$ index.php?module=PageView&page_url=$1 [L,QSA]
# Article image resizing
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^files/articles/preview/(.+) resize/resize.php?file=$1&is_article=1 [L,QSA]
# Image resizing blog
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^files/posts/preview/(.+) resize/resize.php?file=$1&is_post=1 [L,QSA]
# Image resizing slider
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^files/slides/preview/(.+) resize/resize.php?file=$1&is_banners=1 [L,QSA]
# Category image resizing
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^files/categories/preview/(.+) resize/resize.php?file=$1&is_category=1 [L,QSA]
# Image resizing project
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^files/projects/(.+) resize/resize.php?file=$1 [L,QSA]
# Security
<IfModule mod_rewrite.c>
# XSS blocking
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Blocking PHP GLOBALS variable from being exposed via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Blocking the ability to change the _REQUEST variable through the URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Blocking MySQL injections, RFI, base64, etc.
RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
RewriteCond %{QUERY_STRING} http\: [NC,OR]
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>).* [NC,OR]
RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
RewriteCond %{QUERY_STRING} (\./|\../|\.../)+(motd|etc|bin) [NC,OR]
RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]
RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
RewriteCond %{QUERY_STRING} ([a-z0-9]{2000,}) [NC,OR]
RewriteRule ^(.*)$ - [F,L]
# Known Shell Lock
RewriteCond %{REQUEST_URI} .*((php|my)?shell|remview.*|phpremoteview.*|sshphp.*|pcom|nstview.*|c99|r57|webadmin.*|phpget.*|phpwriter.*|fileditor.*|locus7.*|storm7.*).(p?s?x?htm?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]
RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
RewriteCond %{QUERY_STRING} ^(.*)=(/|%2F)(h|%68|%48)(o|%6F|%4F)(m|%6D|%4D)(e|%65|%45)(.+)?(/|%2F)(.*)(/|%2F)(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^work_dir=.*$ [OR]
RewriteCond %{QUERY_STRING} ^command=.*&output.*$ [OR]
RewriteCond %{QUERY_STRING} ^nts_[a-z0-9_]{0,10}=.*$ [OR]
RewriteCond %{QUERY_STRING} ^c=(t|setup|codes)$ [OR]
RewriteCond %{QUERY_STRING} ^act=((about|cmd|selfremove|chbd|trojan|backc|massbrowsersploit|exploits|grablogins|upload.*)|((chmod|f)&f=.*))$ [OR]
RewriteCond %{QUERY_STRING} ^act=(ls|search|fsbuff|encoder|tools|processes|ftpquickbrute|security|sql|eval|update|feedback|cmd|gofile|mkfile)&d=.*$ [OR]
RewriteCond %{QUERY_STRING} ^&?c=(l?v?i?&d=|v&fnot=|setup&ref=|l&r=|d&d=|tree&d|t&d=|e&d=|i&d=|codes|md5crack).*$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)([-_a-z]{1,15})=(chmod|chdir|mkdir|rmdir|clear|whoami|uname|unzip|gzip|gunzip|grep|more|umask|telnet|ssh|ftp|tail|which|mkmode|touch|logname|edit_file|search_text|find_text|php_eval|download_file|ftp_file_down|ftp_file_up|ftp_brute|mail_file|mysql|mysql_dump|db_query)([^a-zA-Z0-9].+)*$ [OR]
RewriteCond %{QUERY_STRING} ^(.*)(wget|shell_exec|passthru|system|exec|popen|proc_open)(.*)$
RewriteRule .* - [F]
</IfModule>