Skip to content

Instantly share code, notes, and snippets.

@grim-reapper
Forked from ankurk91/.htaccess
Created December 26, 2022 10:36
Show Gist options
  • Save grim-reapper/cd127dff63dc5673ff8eeea1db3ce073 to your computer and use it in GitHub Desktop.
Save grim-reapper/cd127dff63dc5673ff8eeea1db3ce073 to your computer and use it in GitHub Desktop.
Some apache .htaccess tips and tricks
# Source internet
# Use at your own risk, test on localhost first
# Ovrride Default index.php
DirectoryIndex home.php
# Prevent access to some files
<FilesMatch "^(wp-config.php|readme.html|license.txt|README.md|.gitignore|.gitattributes|.htaccess|error_log)">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Change Charset and Language headers
AddDefaultCharset UTF-8
DefaultLanguage en-US
# Set default time zone
SetEnv IN Asia/Calcutta
# Disable directory browsing
Options All -Indexes
# Cache these type of files for 7 days
<IfModule mod_headers.c>
<FilesMatch "\.(jpg|jpeg|png|ico|gif|css|js|eot|otf|tt[cf]|woff|woff2|svg|mp4|webm|ogv)$">
Header set Cache-Control "max-age=604800, must-revalidate"
Header unset ETag
FileETag None
</FilesMatch>
# Explicitly disable caching for scripts and other dynamic files
<FilesMatch ".(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
# Java script compression
<FilesMatch "\.js$">
RewriteEngine On
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule (.*)\.js$ $1\.js.gz [L]
ForceType text/javascript
</FilesMatch>
# Java script - vary accept encoding
<FilesMatch "\.js\.gz$">
ForceType text/javascript
Header set Content-Encoding gzip
Header set Vary Accept-Encoding
</FilesMatch>
# Stop auto append files by webhosting
<FilesMatch "\.(php)$">
php_value auto_append_file none
</FilesMatch>
# Redirecting non www URL to www URL -
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
# Custom error pages
ErrorDocument 400 /error404.php
ErrorDocument 401 /error401.php
ErrorDocument 403 /error403.php
ErrorDocument 404 /error404.php
ErrorDocument 500 /error500.php
# Disable the server signature (apache version)
ServerSignature Off
# Max upload size
php_value upload_max_filesize 5M
# Enable compression on localhost
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>
# Fix bad x-ua meta tag
<FilesMatch "\.(htm|html|php)$">
<IfModule mod_headers.c>
BrowserMatch MSIE ie
Header set X-UA-Compatible "IE=Edge,chrome=1" env=ie
</IfModule>
</FilesMatch>
# Serve font files
<FilesMatch ".(eot|ttf|otf|woff)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
#Enable gzip with mod_gzip
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
# Secure directory by disabling script execution
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
# Mime type for web fonts
<IfModule mod_mime.c>
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff woff2
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
</IfModule>
# Prevent .git folder access and return 404
RewriteRule ^.*\.git.* - [R=404]

Hide php via htaccess, will remove .php from urls

<IfModule mod_rewrite.c>
# Apache rewrite_module must be on
RewriteEngine on
RewriteRule ^([^.?]+)$ %{REQUEST_URI}.php [NC,L]

# Redirect with moved status
RewriteRule ^([^.?]+)$ %{REQUEST_URI}.php [R=302,NC,L]

# Return 404 if original request is file.php
RewriteCond %{THE_REQUEST} "^[^ ]* .*?\.php[? ].*$"
RewriteRule .* - [L,R=404]
</IfModule>

Prevent execution of php scripts from uploads folder

# File location example: wp-content/uploads/.htaccess
<FilesMatch "\.(?i:php)$">
  <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
  </IfModule>
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
</FilesMatch>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment