Jump to content

Recommended Posts

Hello,

 

A little tutorial to help you to include some interesting element inside your .htaccess and increase the website security.

I take also, the ClicShopping .htaccess inside this tutorial.

 

Link can help you :

https://htaccessbook.com/increase-security-x-security-headers/

 

##################################
# Security
# Be carefull approach is different : Linux, Ngix, IIS
# Below for linux
##################################
  <IfModule mod_headers.c>

# prevent mime based attacks
Header set X-Content-Type-Options "nosniff"

# XSS Protection
Header set X-XSS-Protection "1; mode=block"

#X Frame
Header always set X-FRAME-OPTIONS "DENY"
</IfModule>

 

About the bot

##################################
# Bot
##################################
##Rules to block bad bods from accessing web pages on your site.
##Remove or add more rules as per your needs.

BrowserMatchNoCase "Baiduspider" bots
BrowserMatchNoCase "SemrushBot" bots
BrowserMatchNoCase "Yandex" bots
BrowserMatchNoCase "BLEXBot" bots
BrowserMatchNoCase "AhrefsBot" bots
BrowserMatchNoCase "DotBot" bots
BrowserMatchNoCase "Exabot" bots
BrowserMatchNoCase "SeznamBot" bots
BrowserMatchNoCase "aiHitBot" bots
BrowserMatchNoCase "spbot" bots
BrowserMatchNoCase "MJ12bot" bots
BrowserMatchNoCase "oBot" bots
BrowserMatchNoCase "DeuSu" bots
BrowserMatchNoCase "ia_archiver" bots
BrowserMatchNoCase "MetaURI" bots
BrowserMatchNoCase "FlipboardProxy" bots

Order Allow,Deny
Allow from ALL
Deny from env=bots

 

caching schema

##################################
#Caching schema
##################################
<IfModule mod_headers.c>
    Header unset ETag
    Header unset Last-Modified
</IfModule>

## EXPIRES CACHING ##
## https://gtmetrix.com/leverage-browser-caching.html ##
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/webp "access plus 1 month"
    ExpiresByType text/css "access plus 1 week"
    ExpiresByType text/javascript "access plus 1 week"
    ExpiresByType application/javascript "access plus 1 week"
    ExpiresByType application/x-javascript "access plus 1 week"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType image/vnd.microsoft.icon "access plus 1 year"
    ExpiresByType application/font-woff "access plus 1 year"
    ExpiresByType application/x-font-woff "access plus 1 year"
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
    ExpiresByType font/opentype "access plus 1 year"
    ExpiresByType font/ttf "access plus 1 year"
    ExpiresByType font/otf "access plus 1 year"
    ExpiresByType application/x-font-ttf "access plus 1 year"
    ExpiresByType application/x-font-otf "access plus 1 year"
    ExpiresByType text/css "access plus 1 year"
    ExpiresByType application/javascript "access plus 1 year"
</IfModule>

 

Apache 2.4

##################################
#apache 2.4
##################################
  <IfModule mod_version.c>
      <IfModule mod_filter.c>
        <IfVersion >= 2.4>
            FilterDeclare COMPRESS
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/html'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/css'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/plain'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'text/x-component'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/javascript'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/json'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/xhtml+xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/rss+xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/atom+xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/vnd.ms-fontobject'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'image/svg+xml'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'image/x-icon'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'application/x-font-ttf'"
            FilterProvider COMPRESS DEFLATE "%{Content_Type} = 'font/opentype'"
            FilterChain COMPRESS
            FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no
        </IfVersion>
      </IfModule>
  </IfModule>

 

  • Like 1
Link to post
Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use