This repository has been archived by the owner on Mar 21, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess
42 lines (42 loc) · 2.12 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# If mod_rewrite is enabled, apply the following rules to redirect requests to the index.php file
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RedirectMatch 301 ^/privacy-policy$ /index.php?path=privacy
RedirectMatch 301 ^/privacy-policy.php /index.php?path=privacy
RedirectMatch 301 ^/privacy$ /index.php?path=privacy
RedirectMatch 301 ^/privacy.php /index.php?path=privacy
RedirectMatch 301 ^/terms-and-conditions$ /index.php?path=terms
RedirectMatch 301 ^/terms-and-conditions.php /index.php?path=terms
RedirectMatch 301 ^/terms-conditions$ /index.php?path=terms
RedirectMatch 301 ^/terms-conditions.php /index.php?path=terms
RedirectMatch 301 ^/terms$ /index.php?path=terms
RedirectMatch 301 ^/terms.php /index.php?path=terms
ErrorDocument 404 /index.php?path=error&error=404
ErrorDocument 403 /index.php?path=error&error=403
ErrorDocument 500 /index.php?path=error&error=500
</IfModule>
# Prevent access to certain file types, such as .htaccess, .htpasswd, .ini, .log, .sh, .inc, .bak, .config, .sql, .tpl, .cache, .svn, .git, .yml, .yaml, .json, .lock, .dist, etc.
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh|inc|bak|config|sql|tpl|cache|svn|git|github|code-workspace|env|env.example|yml|yaml|json|lock|dist)$">
Order Allow,Deny
Deny from all
</FilesMatch>
# Deny remote access to specific directories
<IfModule mod_rewrite.c>
RewriteRule ^vendor/ - [F,L]
RewriteRule ^config/ - [F,L]
RewriteRule ^includes/ - [F,L]
</IfModule>
# Prevent Directory Listing
Options -Indexes
# If mod_headers is enabled, apply the following rules
<IfModule mod_headers.c>
# Set Strict-Transport-Security to enable HSTS
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
# Set Referrer-Policy
Header always set Referrer-Policy "no-referrer"
# Set Content-Security-Policy
Header always set Content-Security-Policy "upgrade-insecure-requests"
# Set X-Content-Type-Options to prevent browsers from MIME-sniffing a response away from the declared content-type
Header always set X-Content-Type-Options "nosniff"
</IfModule>