59 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			ApacheConf
		
	
	
	
	
	
			
		
		
	
	
			59 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			ApacheConf
		
	
	
	
	
	
| <IfModule mod_rewrite.c>
 | |
|     <IfModule mod_negotiation.c>
 | |
|         Options -MultiViews
 | |
|     </IfModule>
 | |
| 
 | |
|     RewriteEngine On
 | |
| 
 | |
|     # Needed for https://letsencrypt.org/ certificates.
 | |
|     RewriteRule ^\.well-known/acme-challenge/ - [L]
 | |
| 
 | |
|     # Uncomment these two lines to force SSL redirect in Apache
 | |
|     # RewriteCond %{HTTPS} off
 | |
|     # RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
 | |
| 
 | |
| 
 | |
| 
 | |
|     # Redirect Trailing Slashes If Not A Folder...
 | |
|     RewriteCond %{REQUEST_FILENAME} !-d
 | |
|     RewriteCond %{REQUEST_URI} (.+)/$
 | |
|     RewriteRule ^ %1 [L,R=301]
 | |
| 
 | |
|     # Handle Front Controller...
 | |
|     RewriteCond %{REQUEST_FILENAME} !-d
 | |
|     RewriteCond %{REQUEST_FILENAME} !-f
 | |
|     RewriteRule ^ index.php [L]
 | |
| 
 | |
|     # Handle Authorization Header
 | |
|     RewriteCond %{HTTP:Authorization} .
 | |
|     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 | |
| 
 | |
|     # Security Headers
 | |
|     # Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
 | |
|     # Header set X-XSS-Protection "1; mode=block"
 | |
|     # Header set X-Content-Type-Options nosniff
 | |
|     # Header set X-Permitted-Cross-Domain-Policies "master-only"
 | |
| 
 | |
| </IfModule>
 | |
| Options -Indexes
 | |
| 
 | |
| # DENY ACCESS TO IIS CONFIG FILE
 | |
| 
 | |
| # Apache 2.2+
 | |
| <IfModule !authz_core_module>
 | |
| 	<Files "web.config">
 | |
| 	    Order allow,deny
 | |
|     	Deny from all
 | |
|     </Files>
 | |
| </IfModule>
 | |
| 
 | |
| # Apache 2.4+
 | |
| <IfModule authz_core_module>
 | |
| 	<Files "web.config">
 | |
|       Require all denied
 | |
|     </Files>
 | |
| </IfModule>
 | |
| 
 | |
| 
 | |
| 
 |