-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
32 lines (26 loc) · 959 Bytes
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Options -MultiViews
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Redirect to HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Rewrite to index.html for SPA (Single Page Application)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.html [L]
</IfModule>
# Prevent hotlinking of images
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png)$ - [F]
# Cache control for static files
<IfModule mod_headers.c>
<FilesMatch "\.(html|htm|js|css|png|jpg|jpeg|ico|svg)$">
Header set Cache-Control "max-age=3600, public"
</FilesMatch>
# CSRF and XSS attack prevention
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>