پاسخ : بهترین تنظیماتhtaccess - robots.txt
البته فکر کنم زیاد فرقی برای cms ها فرق نداره این تنظیمات و وجودش یک لازمه مهم هست.
Section 1: Main Settings and Options # # Options: ALL,ExecCGI,FollowSymLinks,Includes,IncludesNOEXEC ,Indexes # MultiViews, SymLinksIfOwnerMatch. # # Main Defaults. # Options +ExecCGI -Indexes DirectoryIndex index.html index.htm index.php DefaultLanguage en-US AddDefaultCharset UTF-8 ServerSignature Off ### ENVIRONMENT VARIABLES ### #SetEnv PHPRC /webroot/includes #SetEnv TZ America/Indianapolis #SetEnv SERVER_ADMIN webmaster@domain.tld ### MIME TYPES ### AddType video/x-flv .flv AddType application/x-shockwave-flash .swf AddType image/x-icon .ico ### FORCE FILE TO DOWNLOAD INSTEAD OF APPEAR IN BROWSER ### #-> THE Ultimate Htaccess #AddType application/octet-stream .mov .mp3 .zip ### ERRORDOCUMENTS ### ErrorDocument 404 "404 error" ErrorDocument 400 "400 error" ErrorDocument 401 "401 error" ErrorDocument 403 "403 error" ErrorDocument 405 "405 error" ErrorDocument 406 "406 error" ErrorDocument 409 "409 error" ErrorDocument 413 "413 error" ErrorDocument 414 "414 error" ErrorDocument 500 "500 error" ErrorDocument 501 "501 error" #================================================= ============================# # SCRIPTING, ACTION, ADDHANDLER #================================================= ============================# # Handlers be builtin, included in a module, or added with Action directive # default-handler: default, handles static content (core) # send-as-is: Send file with HTTP headers (mod_asis) # cgi-script: treat file as CGI script (mod_cgi) # imap-file: Parse as an imagemap rule file (mod_imap) # server-info: Get server config info (mod_info) # server-status: Get server status report (mod_status) # type-map: type map file for content negotiation (mod_negotiation) # fastcgi-script: treat file as fastcgi script (mod_fastcgi) ########### ### PARSE AS CGI ### #AddHandler cgi-script .cgi .pl .spl ### RUN PHP AS APACHE MODULE ### #AddHandler application/x-httpd-php .php .htm ### RUN PHP AS CGI ### #AddHandler php-cgi .php .htm ### CGI PHP WRAPPER FOR CUSTOM PHP.INI ### #AddHandler phpini-cgi .php .htm #Action phpini-cgi /cgi-bin/php5-custom-ini.cgi ### FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI ### #AddHandler fastcgi-script .fcgi #AddHandler php-cgi .php .htm #Action php-cgi /cgi-bin/php5-wrapper.fcgi ### CUSTOM PHP CGI BINARY SETUP ### #AddHandler php-cgi .php .htm #Action php-cgi /cgi-bin/php.cgi ### PROCESS SPECIFIC FILETYPES WITH CGI-SCRIPT ### #Action image/gif /cgi-bin/img-create.cgi ### CREATE CUSTOM HANDLER FOR SPECIFIC FILE EXTENSIONS ### #AddHandler custom-processor .ssp #Action custom-processor /cgi-bin/myprocessor.cgi #================================================= ============================# # HEADERS, CACHING AND OPTIMIZATION #================================================= ============================# #-> THE Ultimate Htaccess # 300 5 M # 2700 45 M # 3600 1 H # 54000 15 H # 86400 1 D # 518400 6 D # 604800 1 W # 1814400 3 W # 2419200 1 M # 26611200 11 M # 29030400 1 Y (never expire) ########### #### HEADER CACHING #### #-> THE Ultimate Htaccess #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico)$"> # Header set Cache-Control "max-age=2592000" #</FilesMatch> #<FilesMatch "\.(js|css|pdf|swf)$"> # Header set Cache-Control "max-age=604800" #</FilesMatch> #<FilesMatch "\.(html|htm|txt)$"> # Header set Cache-Control "max-age=600" #</FilesMatch> #<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> # Header unset Cache-Control #</FilesMatch> ### ALTERNATE EXPIRES CACHING ### #-> htaccesselite.com/d/use-htaccess-to-speed-up-your-site-discussion-vt67.html #ExpiresActive On #ExpiresDefault A604800 #ExpiresByType image/x-icon A2592000 #ExpiresByType application/x-javascript A2592000 #ExpiresByType text/css A2592000 #ExpiresByType text/html A300 #<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> # ExpiresActive Off #</FilesMatch> ### META HTTP-EQUIV REPLACEMENTS ### #<FilesMatch "\.(html|htm|php)$"> # Header set imagetoolbar "no" #</FilesMatch> #================================================= ============================# # REWRITES AND REDIRECTS #================================================= ============================# # REQUEST METHODS: GET,POST,PUT,DELETE,CONNECT,OPTIONS,PATCH,PROPFIND , # PROPPATCH,MKCOL,COPY,MOVE,LOCK,UNLOCK ########### ### REWRITE DEFAULTS ### #RewriteEngine On #RewriteBase / ### REQUIRE SUBDOMAIN ### #RewriteCond %{HTTP_HOST} !^$ #RewriteCond %{HTTP_HOST} !^subdomain\.domain\.tld$ [NC] #RewriteRule ^/(.*)$ http://subdomain.domain.tld/$1 [L,R=301] ### SEO REWRITES ### #RewriteRule ^(.*)/ve/(.*)$ $1/voluntary-employee/$2 [L,R=301] #RewriteRule ^(.*)/hsa/(.*)$ $1/health-saving-account/$2 [L,R=301] ### WORDPRESS ### #RewriteCond %{REQUEST_FILENAME} !-f # Existing File #RewriteCond %{REQUEST_FILENAME} !-d # Existing Directory #RewriteRule . /index.php [L] ### ALTERNATIVE ANTI-HOTLINKING ### #RewriteCond %{HTTP_REFERER} !^$ #RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC] #RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F] ### REDIRECT HOTLINKERS ### #RewriteCond %{HTTP_REFERER} !^$ #RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC] #RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ Google [R] ### DENY REQUEST BASED ON REQUEST METHOD ### #RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)$ [NC] #RewriteRule ^.*$ - [F] ### REDIRECT UPLOADS ### #RewriteCond %{REQUEST_METHOD} ^(PUT|POST)$ [NC] #RewriteRule ^(.*)$ /cgi-bin/form-upload-processor.cgi?p=$1 [L,QSA] ### REQUIRE SSL EVEN WHEN MOD_SSL IS NOT LOADED ### #RewriteCond %{HTTPS} !=on [NC] #RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L] #### ALTERNATATIVE TO USING ERRORDOCUMENT ### #-> THE Ultimate Htaccess #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteRule ^.*$ /error.php [L] ### SEO REDIRECTS ### #Redirect 301 /2006/oldfile.html http://subdomain.domain.tld/newfile.html #RedirectMatch 301 /o/(.*)$ http://subdomain.domain.tld/s/dl/$1 #================================================= ============================# # AUTHENTICATION AND SECURITY #================================================= ============================# # THE Ultimate Htaccess # # Require (user|group|valid-user) (username|groupname) ########### ### BASIC PASSWORD PROTECTION ### #AuthType basic #AuthName "prompt" #AuthUserFile /.htpasswd #AuthGroupFile /dev/null #Require valid-user ### ALLOW FROM IP OR VALID PASSWORD ### #Require valid-user #Allow from 192.168.1.23 #Satisfy Any ### PROTECT FILES ### #<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh) $"> # Order Allow,Deny # Deny from all #</FilesMatch> ### PREVENT HOTLINKING ### #SetEnvIfNoCase Referer "^http://subdomain.domain.tld/" good #SetEnvIfNoCase Referer "^$" good #<FilesMatch "\.(png|jpg|jpeg|gif|bmp|swf|flv)$"> # Order Deny,Allow # Deny from all # Allow from env=good # ErrorDocument 403 http://www.google.com/intl/en_ALL/images/logo.gif # ErrorDocument 403 /images/you_bad_hotlinker.gif #</FilesMatch> ### LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK ### #LimitRequestBody 10240000 #bytes, 0-2147483647(2GB) #================================================= ============================# # SSL SECURITY #================================================= ============================# #-> THE Ultimate Htaccess ########### ### MOST SECURE WAY TO REQUIRE SSL ### #-> THE Ultimate Htaccess #SSLOptions +StrictRequire #SSLRequireSSL #SSLRequire %{HTTP_HOST} eq "domain.tld" #ErrorDocument 403 https://domain.tld #================================================= ============================# # SITE UNDER CONSTRUCTION #================================================= ============================# # Heres some awesome htaccess to use when you are developing a site ########### ### COMBINED DEVELOPER HTACCESS CODE-USE THIS ### #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|h tm|txt)$"> # Header set Cache-Control "max-age=5" #</FilesMatch> #AuthType basic #AuthName "Ooops! Temporarily Under Construction..." #AuthUserFile /.htpasswd #AuthGroupFile /dev/null #Require valid-user # password prompt for everyone else #Order Deny,Allow #Deny from all #Allow from 192.168.64.5 # Your, the developers IP address #Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/ #Allow from googlebot.com # Allows google to crawl your pages #Satisfy Any # no password required if host/ip is Allowed ### DONT HAVE TO EMPTY CACHE OR RELOAD TO SEE CHANGES ### #ExpiresDefault A5 #If using mod_expires #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|h tm|txt)$"> # Header set Cache-Control "max-age=5" #</FilesMatch> ### ALLOW ACCESS WITH PASSWORD OR NO PASSWORD FOR SPECIFIC IP/HOSTS ### #AuthType basic #AuthName "Ooops! Temporarily Under Construction..." #AuthUserFile /.htpasswd #AuthGroupFile /dev/null #Require valid-user # password prompt for everyone else #Order Deny,Allow #Deny from all #Allow from 192.168.64.5 # Your, the developers IP address #Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/ #Allow from googlebot.com # Allows google to crawl your pages #Satisfy Any # no password required if host/ip is Allowed
پاسخ با نقل قول
نوشته اصلی توسط akramieh
