apache_conf wordpress htaccess

Posted 2021-05-23

#Redirect 302 / http://google.com
Options All -Indexes 

<files wp-config.php> 
 order allow,deny 
 deny from all 
</files> 

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !sitemap\.xsl$
RewriteRule . /index.php [L]
</IfModule>

# END WordPress


#clean 
<IfModule mod_rewrite.c>
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
</IfModule>

#Disable author parsing
<IfModule mod_rewrite.c>
  RewriteCond %{QUERY_STRING} author=\d
  RewriteRule ^ /? [L,R=301]
</IfModule>

#Disable SQL Inject
<IfModule mod_rewrite.c>
  RewriteCond %{query_string} concat.*\( [NC,OR]
  RewriteCond %{query_string} union.*select.*\( [NC,OR]
  RewriteCond %{query_string} union.*all.*select [NC]
  RewriteRule ^(.*)$ index.php [F,L]
</IfModule>


# BEGIN  BROWSER CACHE ENABLE

<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresDefault "access 7 days"
	ExpiresByType application/javascript "access plus 2592000 seconds"
	ExpiresByType text/javascript "access plus 2592000 seconds" 
	ExpiresByType text/css "access plus 604800 seconds"
	ExpiresByType text/html "access plus 600 seconds"
	ExpiresByType text/x-javascript "access 2592000 seconds"
	ExpiresByType image/gif "access plus 1 month"
	ExpiresByType image/svg "access plus 1 month"
	ExpiresByType image/jpeg "access plus 1 month"
	ExpiresByType image/png "access plus 1 month"
	ExpiresByType image/jpg "access plus 1 month"
	ExpiresByType image/x-icon "access 1 month"
	ExpiresByType application/x-shockwave-flash "access 1 month"
</IfModule>

# Cache-Control
<ifModule mod_headers.c>
	# 30 days
	<filesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|swf|svg)$">
		Header set Cache-Control "max-age=2592000, public"
	</filesMatch>
	# 30 days
	<filesMatch "\.(css|js)$">
		Header set Cache-Control "max-age=2592000, public"
	</filesMatch>
	# 2 days
	<filesMatch "\.(xml|txt)$">
		Header set Cache-Control "max-age=172800, public, must-revalidate"
	</filesMatch>
	# 1 day
	<filesMatch "\.(html|htm)$">
		Header set Cache-Control "max-age=172800, private, must-revalidate"
	</filesMatch>
</ifModule>

#Disable HTTP send Vary headers for MSIE
<IfModule mod_setenvif.c>
	BrowserMatch "MSIE" force-no-vary
	BrowserMatch "Mozilla/4.[0-9]{2}" force-no-vary
</IfModule>

# END  BROWSER CACHE ENABLE


<ifModule mod_deflate.c>
	AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/css text/javascript application/javascript application/x-javascript image/svg+xml
</ifModule>

#<ifModule mod_deflate.c>
#  <IfModule mod_filter.c>
#      AddOutputFilterByType DEFLATE text/plain text/html
#      AddOutputFilterByType DEFLATE text/css
#      AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
#      AddOutputFilterByType DEFLATE text/xml application/xml application/xhtml+xml application/rss+xml
#      AddOutputFilterByType DEFLATE application/json
#      AddOutputFilterByType DEFLATE application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon
#  </ifModule>
#</ifModule>

# END DEFLATE NETWORK COMPRESSION


<IfModule mod_headers.c>
	Header set Connection keep-alive
</IfModule>

#Disable xmlrpc from ddos attacks
<Files xmlrpc.php>
	order deny,allow
	deny from all
</Files>