forked from ClassicPress/site-www
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess
169 lines (160 loc) · 7.25 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
RewriteEngine On
# Deny access to files like .env and Composer in a way that does not reveal
# their existence (pass off to ClassicPress for 404 generation)
RewriteCond %{REQUEST_FILENAME} /\.env(\.example)?$ [OR]
RewriteCond %{REQUEST_URI} ^/composer\. [OR]
RewriteCond %{REQUEST_URI} ^/vendor(/|\?|$) [OR]
RewriteCond %{REQUEST_URI} ^/\.git [OR]
RewriteCond %{REQUEST_URI} ^/README.md
RewriteRule . /index.php [L]
# Deny access to .php files inside the wp-content dir
# Mostly exploit/probe attempts, but these legitimate requests will be blocked:
# /wp-content/plugins/mobile-menu/vendor/titan-framework/lib/iframe-font-preview.php?...
# https://stackoverflow.com/a/47139015
RewriteCond %{REQUEST_URI} ^(.*/)?wp-content/.*\.php$
RewriteRule . /index.php [L]
# Avoid revealing information about core/plugin/theme directories
# https://github.com/ClassicPress/ClassicPress-Network/issues/6
RewriteCond %{REQUEST_URI} ^(.*/)?(wp-(content|includes)(/|$)|wp-admin/[^/]+(/|$))
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . /index.php [L]
## BEGIN WEB PERFORMANCE ##
# Reference doc https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess
# Media types
<IfModule mod_mime.c>
AddType application/atom+xml atom
AddType application/json json map topojson
AddType application/ld+json jsonld
AddType application/rss+xml rss
AddType application/geo+json geojson
AddType application/rdf+xml rdf
AddType application/xml xml
AddType text/javascript js mjs
AddType application/manifest+json webmanifest
AddType application/x-web-app-manifest+json webapp
AddType text/cache-manifest appcache
AddType audio/mp4 f4a f4b m4a
AddType audio/ogg oga ogg opus
AddType image/bmp bmp
AddType image/svg+xml svg svgz
AddType image/webp webp
AddType video/mp4 f4v f4p m4v mp4
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
AddType image/x-icon cur ico
AddType application/wasm wasm
AddType font/woff woff
AddType font/woff2 woff2
AddType application/vnd.ms-fontobject eot
AddType font/ttf ttf
AddType font/collection ttc
AddType font/otf otf
AddType application/octet-stream safariextz
AddType application/x-bb-appworld bbaw
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-xpinstall xpi
AddType text/calendar ics
AddType text/markdown markdown md
AddType text/vcard vcard vcf
AddType text/vnd.rim.location.xloc xloc
AddType text/vtt vtt
AddType text/x-component htc
</IfModule>
# Cache expiration
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 month"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/calendar "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/manifest+json "access plus 1 week"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
ExpiresByType text/markdown "access plus 0 seconds"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/bmp "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
ExpiresByType application/wasm "access plus 1 year"
ExpiresByType font/collection "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType font/eot "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType font/otf "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/ttf "access plus 1 month"
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
ExpiresByType application/font-woff2 "access plus 1 month"
ExpiresByType font/woff2 "access plus 1 month"
ExpiresByType text/x-cross-domain-policy "access plus 1 week"
ExpiresByType text/x-component A31536000
ExpiresByType text/x-js A31536000
ExpiresByType text/richtext A3600
ExpiresByType text/plain A3600
ExpiresByType text/xsd A3600
ExpiresByType text/xsl A3600
</IfModule>
## END WEB PERFORMANCE ##
# BEGIN ClassicPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END ClassicPress
# BEGIN 301 Redirects
RedirectMatch 301 ^/blog/\d{4}/\d{1,2}/\d{1,2}/(.*)$ /blog/$1
RedirectMatch 301 ^/blog/can-i-use-the-classicpress-beta-on-live-website/? /blog/can-i-use-the-classicpress-beta-on-a-live-website-yes/
RedirectMatch 301 ^/blog/classicpress-for-business-professional-organization-websites/?$ /blog/why-choose-classicpress-for-your-business-professional-website-cms/
RedirectMatch 301 ^/blog/faqconc/how-to-revert-to-wp-498/?$ /faq/
RedirectMatch 301 ^/blog/tag/elementor-sticky/?$ /blog/
RedirectMatch 301 ^/classicpress-roadmap/?$ /roadmap/
RedirectMatch 301 ^/download/?$ /get-classicpress/
RedirectMatch 301 ^/get-involved/?$ /community/
RedirectMatch 301 ^/faqs/?$ /faq/
RedirectMatch 301 ^/migrate/?$ /get-classicpress/
RedirectMatch 301 ^/our-mission/?$ /about/
RedirectMatch 301 ^/translating-classicpress/?$ /blog/classicpress-localization/
RedirectMatch 301 ^/increase-your-plugin-audience-with-classicpress-users/?$ /for-plugin-developers/
RedirectMatch 301 ^/join-discord/?$ /community/
RedirectMatch 301 ^/blog/category/classicpress-blog/? /blog/
# END 301 Redirects
# BEGIN 302 Redirects
RedirectMatch 302 ^/latest\.json$ /wp-json/cp/v1/latest
RedirectMatch 302 ^/latest\.zip$ /wp-json/cp/v1/latest?format=zip
RedirectMatch 302 ^/latest\.tar\.gz$ /wp-json/cp/v1/latest?format=tar.gz
RedirectMatch 302 ^/latest-migration-plugin\.json$ /wp-json/cp/v1/latest?project=migration-plugin
RedirectMatch 302 ^/latest-migration-plugin\.zip$ /wp-json/cp/v1/latest?project=migration-plugin&format=zip
RedirectMatch 302 ^/blog/meet-the-community-patrick-klein/?$ /blog/meet-the-community-patrick-van-noort/
RedirectMatch 302 ^/version/([^/]*)/?$ https://github.com/ClassicPress/ClassicPress-release/releases/tag/$1
RedirectMatch 302 ^/shop/?$ /donate/#donate
RedirectMatch 302 ^/product/donate-to-classicpress/?$ /donate/#donate
RedirectMatch 302 ^/democracy/?$ /governance/
# END 302 Redirects