h5bp updates - now up to date with h5bp 2.0
This commit is contained in:
Ben Word
@@ -68,6 +68,12 @@
|
||||
# Proper MIME type for all files
|
||||
# ----------------------------------------------------------------------
|
||||
|
||||
|
||||
# JavaScript
|
||||
# Normalize to standard type (it's sniffed in IE anyways)
|
||||
# tools.ietf.org/html/rfc4329#section-7.2
|
||||
AddType application/javascript js
|
||||
|
||||
# Audio
|
||||
AddType audio/ogg oga ogg
|
||||
AddType audio/mp4 m4a
|
||||
@@ -77,7 +83,8 @@ AddType video/ogg ogv
|
||||
AddType video/mp4 mp4 m4v
|
||||
AddType video/webm webm
|
||||
|
||||
# Proper svg serving. Required for svg webfonts on iPad
|
||||
# SVG.
|
||||
# Required for svg webfonts on iPad
|
||||
# twitter.com/FontSquirrel/status/14855840545
|
||||
AddType image/svg+xml svg svgz
|
||||
AddEncoding gzip svgz
|
||||
@@ -109,7 +116,7 @@ AddType text/x-vcard vcf
|
||||
# Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
|
||||
<IfModule mod_setenvif.c>
|
||||
<IfModule mod_headers.c>
|
||||
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s,?\s(gzip|deflate)?|X{4,13}|~{4,13}|-{4,13})$ HAVE_Accept-Encoding
|
||||
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
|
||||
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
|
||||
</IfModule>
|
||||
</IfModule>
|
||||
@@ -119,14 +126,12 @@ AddType text/x-vcard vcf
|
||||
FilterDeclare COMPRESS
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/javascript
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/x-component
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/javascript
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/json
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xml
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/x-javascript
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xhtml+xml
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/rss+xml
|
||||
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/atom+xml
|
||||
@@ -141,7 +146,7 @@ AddType text/x-vcard vcf
|
||||
<IfModule !mod_filter.c>
|
||||
# Legacy versions of Apache
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
|
||||
AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
|
||||
AddOutputFilterByType DEFLATE application/javascript
|
||||
AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
|
||||
AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
|
||||
AddOutputFilterByType DEFLATE image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
|
||||
@@ -190,7 +195,7 @@ AddType text/x-vcard vcf
|
||||
|
||||
# <IfModule mod_rewrite.c>
|
||||
# RewriteCond %{SERVER_PORT} !^443
|
||||
# RewriteRule (.*) https://example-domain-please-change-me.com/$1 [R=301,L]
|
||||
# RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L]
|
||||
# </IfModule>
|
||||
|
||||
|
||||
@@ -232,7 +237,9 @@ AddCharset utf-8 .html .css .js .xml .json .rss .atom
|
||||
# "-Indexes" will have Apache block users from browsing folders without a default document
|
||||
# Usually you should leave this activated, because you shouldn't allow everybody to surf through
|
||||
# every folder on your server (which includes rather private places like CMS system folders).
|
||||
Options -Indexes
|
||||
<IfModule mod_autoindex.c>
|
||||
Options -Indexes
|
||||
</IfModule>
|
||||
|
||||
|
||||
# Block access to "hidden" directories whose names begin with a period. This
|
||||
@@ -262,7 +269,8 @@ Options -Indexes
|
||||
# Rename session cookie to something else, than PHPSESSID
|
||||
# php_value session.name sid
|
||||
|
||||
# Do not show you are using php
|
||||
# Do not show you are using PHP
|
||||
# Note: Move this line to php.ini since it won't work in .htaccess
|
||||
# php_flag expose_php Off
|
||||
|
||||
# Level of log detail - log all errors
|
||||
@@ -298,5 +306,5 @@ Options -Indexes
|
||||
|
||||
# Increase cookie security
|
||||
<IfModule php5_module>
|
||||
php_value session.cookie_httponly true
|
||||
php_value session.cookie_httponly true
|
||||
</IfModule>
|
||||
Reference in New Issue
Block a user