aboutsummaryrefslogtreecommitdiff
path: root/htaccess_dist
diff options
context:
space:
mode:
Diffstat (limited to 'htaccess_dist')
-rw-r--r--htaccess_dist155
1 files changed, 155 insertions, 0 deletions
diff --git a/htaccess_dist b/htaccess_dist
new file mode 100644
index 000000000..44d129475
--- /dev/null
+++ b/htaccess_dist
@@ -0,0 +1,155 @@
+# Elgg htaccess directives
+
+<Files "htaccess_dist">
+ order allow,deny
+ deny from all
+</Files>
+
+# Don't allow listing directories
+Options -Indexes
+
+# Follow symbolic links
+Options +FollowSymLinks
+
+# Default handler
+DirectoryIndex index.php
+
+
+############################
+# BROWSER CACHING
+
+# The expires module controls the Expires and Cache-Control headers. Elgg sets
+# these for dynamically generated files so this is just for static files.
+<IfModule mod_expires.c>
+ ExpiresActive On
+ ExpiresDefault "access plus 1 year"
+</IfModule>
+
+# Conditional requests are controlled through Last-Modified and ETag headers.
+# Elgg sets these on dynamically generated cacheable files so this is just for
+# static files. Note: Apache sends Last-Modified by default on static files so
+# I don't think we need to be sending ETag for these files.
+<FilesMatch "\.(jpg|jpeg|gif|png|mp3|flv|mov|avi|3pg|html|htm|swf|js|css|ico)$">
+ FileETag MTime Size
+</FilesMatch>
+
+
+############################
+# PHP SETTINGS
+<IfModule mod_php5.c>
+ # limit the maximum memory consumed by the php script to 64 MB
+ php_value memory_limit 64M
+ # register_globals is deprecated as of PHP 5.3.0 - disable it for security reasons.
+ php_value register_globals 0
+ # post_max_size is the maximum size of ALL the data that is POST'ed to php at a time (8 MB)
+ php_value post_max_size 8388608
+ # upload_max_filesize is the maximum size of a single uploaded file (5 MB)
+ php_value upload_max_filesize 5242880
+ # on development servers, set to 1 to display errors. Set to 0 on production servers.
+ php_value display_errors 0
+</IfModule>
+
+
+############################
+# COMPRESSION
+
+# Turn on mod_gzip if available
+<IfModule mod_gzip.c>
+ mod_gzip_on yes
+ mod_gzip_dechunk yes
+ mod_gzip_keep_workfiles No
+ mod_gzip_minimum_file_size 1000
+ mod_gzip_maximum_file_size 1000000
+ mod_gzip_maximum_inmem_size 1000000
+ mod_gzip_item_include mime ^text/.*
+ mod_gzip_item_include mime ^application/javascript$
+ mod_gzip_item_include mime ^application/x-javascript$
+ # Exclude old browsers and images since IE has trouble with this
+ mod_gzip_item_exclude reqheader "User-Agent: .*Mozilla/4\..*\["
+ mod_gzip_item_exclude mime ^image/.*
+</IfModule>
+
+## Apache2 deflate support if available
+##
+## Important note: mod_headers is required for correct functioning across proxies.
+##
+<IfModule mod_deflate.c>
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript
+ BrowserMatch ^Mozilla/4 gzip-only-text/html
+ BrowserMatch ^Mozilla/4\.[0678] no-gzip
+ BrowserMatch \bMSIE !no-gzip
+
+<IfModule mod_headers.c>
+ Header append Vary User-Agent env=!dont-vary
+</IfModule>
+
+ # The following is to disable compression for actions. The reason being is that these
+ # may offer direct downloads which (since the initial request comes in as text/html and headers
+ # get changed in the script) get double compressed and become unusable when downloaded by IE.
+ SetEnvIfNoCase Request_URI action\/* no-gzip dont-vary
+ SetEnvIfNoCase Request_URI actions\/* no-gzip dont-vary
+
+</IfModule>
+
+
+############################
+# REWRITE RULES
+
+<IfModule mod_rewrite.c>
+
+RewriteEngine on
+
+# If Elgg is in a subdirectory on your site, you might need to add a RewriteBase line
+# containing the path from your site root to elgg's root. e.g. If your site is
+# http://example.com/ and Elgg is in http://example.com/sites/elgg/, you might need
+#
+#RewriteBase /sites/elgg/
+#
+# here, only without the # in front.
+#
+# If you're not running Elgg in a subdirectory on your site, but still getting lots
+# of 404 errors beyond the front page, you could instead try:
+#
+#RewriteBase /
+
+
+# If your users receive the message "Sorry, logging in from a different domain is not permitted"
+# you must make sure your login form is served from the same hostname as your site pages.
+# See http://docs.elgg.org/wiki/Login_token_mismatch_error for more info.
+#
+# If you must add RewriteRules to change hostname, add them directly below (above all the others)
+
+
+# In for backwards compatibility
+RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING} [L]
+RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING} [L]
+RewriteRule ^tag\/(.+)\/?$ engine/handlers/page_handler.php?handler=search&page=$1 [L]
+
+
+RewriteRule ^action\/([A-Za-z0-9\_\-\/]+)$ engine/handlers/action_handler.php?action=$1&%{QUERY_STRING} [L]
+
+RewriteRule ^cache\/(.*)$ engine/handlers/cache_handler.php?request=$1&%{QUERY_STRING} [L]
+
+RewriteRule ^services\/api\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/service_handler.php?handler=$1&request=$2&%{QUERY_STRING} [L]
+
+RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/?$ engine/handlers/export_handler.php?view=$1&guid=$2 [L]
+RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/([A-Za-z]+)\/([A-Za-z0-9\_]+)\/$ engine/handlers/export_handler.php?view=$1&guid=$2&type=$3&idname=$4 [L]
+
+RewriteRule xml-rpc.php engine/handlers/xml-rpc_handler.php [L]
+RewriteRule mt/mt-xmlrpc.cgi engine/handlers/xml-rpc_handler.php [L]
+
+
+# rule for rewrite module test during install - can be removed after installation
+RewriteRule ^rewrite.php$ install.php [L]
+
+# Everything else that isn't a file gets routed through the page handler
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule ^([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1 [QSA,L]
+
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule ^([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2 [QSA,L]
+
+
+</IfModule>