Your websites .htaccess file.
First of all configuring your websites .htaccess files is above all your place to start!
With servers that use Apache, a .htaccess file lets you control high-level website configuration. Without having to edit your server configuration files.
You can even apply different settings to different directories by using multiple .htaccess files.
You can, therefore, create a .htaccess file in any directory on your server by simply uploading a plain text file and renaming it .htaccess.
Generally, you want to minimize the number of .htaccess files you have. Because too many configurations can slow your server down.
When a server sees a .htaccess file in a directory, it looks for .htaccess files in all the parent directories as well, increasing the servers resource usage.
Remember, .htaccess files that are higher up in the file path always take precedence.
Apache Configuration
Apache is configured so all files named .htaccess are hidden.
These files have important configuration information and can be used to compromise your server.
These are the most common uses for .htaccess:
- redirecting URLs
- loading custom error pages
- forcing your site to use HTTPS instead of HTTP.
- password protecting directories
- preventing hotlinking
Using .htaccess files is a powerful tool for managing any server, but it can be a bit tricky.
Therefore, make sure you are familiar with making changes to your server before you start editing .htaccess files, and always make a backup.
RewriteEngine On
RewriteEngine On
Options +FollowSymLinks
RewriteCond %{THE_REQUEST} ^.*/index.html
RewriteRule ^(.*)index.html$ https://awebsiteguy.com/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^(www\.)(.+) [OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?(.+)
RewriteRule ^ https://%2%{REQUEST_URI} [R=301,L]
# Prevent Directory listing
Options -Indexes
Enable Compression
AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font AddOutputFilterByType DEFLATE application/x-font-opentype AddOutputFilterByType DEFLATE application/x-font-otf AddOutputFilterByType DEFLATE application/x-font-truetype AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE font/otf AddOutputFilterByType DEFLATE font/ttf AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/plain mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file .(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image/.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
Leverage Browser Caching
ExpiresActive On ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType text/css "access 1 month" ExpiresByType text/html "access 1 month" ExpiresByType application/pdf "access 1 month" ExpiresByType text/x-javascript "access 1 month" ExpiresByType application/x-shockwave-flash "access 1 month" ExpiresByType image/x-icon "access 1 year" ExpiresDefault "access 1 month" # stop clickjacking # Header always set X-FRAME-OPTIONS "DENY" # stop XSS attack # Header always set X-XSS-Protection "1; mode=block"
Prevent MIME sniffing
# Header always set X-Content-Type-Options "nosniff" Header set Connection keep-alive <filesmatch "\.(ico|flv|jpg|jpeg|png|gif|css|swf)$"> Header set Cache-Control "max-age=2678400, public" <filesmatch "\.(html|htm)$"> Header set Cache-Control "max-age=7200, private, must-revalidate" <filesmatch "\.(pdf)$"> Header set Cache-Control "max-age=86400, public" <filesmatch "\.(js)$"> Header set Cache-Control "max-age=2678400, private"
