From eba0f09d1e3ace7576248cdb21f0c88bb9a7b58e Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 13:27:16 -0800 Subject: [PATCH 1/6] added three more snippets in performance section --- README.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d11d6ba..90a0472 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,9 @@ What we are doing here is mostly collecting useful snippets from all over the in - [Compress Text Files](#compress-text-files) - [Set Expires Headers](#set-expires-headers) - [Turn eTags Off](#turn-etags-off) + - [Enable gzip Compression for All Files Except for Images](#enable-gzip-compression) + - [Disable gzip Compression](#disable-gzip-compression) + - [1 Day Caching](#one-day-caching) - [Miscellaneous](#miscellaneous) - [Set PHP Variables](#set-php-variables) - [Custom Error Pages](#custom-error-pages) @@ -390,6 +393,24 @@ By removing the ETag header, you disable caches and browsers from being able to FileETag None ``` +### Enable gzip Compression for All Files Except for Images +This enables gzip compression for all files in the folder except for the images. Images are already compressed and re-compressing them is just waste of resources. +``` apacheconf +SetOutputFilter DEFLATE +SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|bmp|tiff)$ no-gzip dont-vary +``` + +### Disable gzip Compression +This disables gzip compression for the folder. +``` apacheconf +SetEnv no-gzip +``` + +### 1 Day Caching +Allows the contents of the folder to be cached for one day. This can be adjusted to any different number of seconds. +``` apacheconf +Header set Cache-Control "max-age=86400, public" +``` ## Miscellaneous @@ -478,4 +499,4 @@ RewriteCond %{HTTP_ACCEPT} image/webp RewriteCond %{DOCUMENT_ROOT}/$1.webp -f RewriteRule (.+)\.(jpe?g|png)$ $1.webp [T=image/webp,E=accept:1] ``` -[Source](https://github.com/vincentorback/WebP-images-with-htaccess) \ No newline at end of file +[Source](https://github.com/vincentorback/WebP-images-with-htaccess) From 9fa57320a49b4a78fecb078be26f269dc9c61e47 Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 13:30:48 -0800 Subject: [PATCH 2/6] minor fix for the list --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 90a0472..904b710 100644 --- a/README.md +++ b/README.md @@ -38,9 +38,9 @@ What we are doing here is mostly collecting useful snippets from all over the in - [Compress Text Files](#compress-text-files) - [Set Expires Headers](#set-expires-headers) - [Turn eTags Off](#turn-etags-off) - - [Enable gzip Compression for All Files Except for Images](#enable-gzip-compression) + - [Enable gzip Compression for All Files Except Images](#enable-gzip-compression-for-all-files-except-images) - [Disable gzip Compression](#disable-gzip-compression) - - [1 Day Caching](#one-day-caching) + - [One Day Caching](#one-day-caching) - [Miscellaneous](#miscellaneous) - [Set PHP Variables](#set-php-variables) - [Custom Error Pages](#custom-error-pages) @@ -393,7 +393,7 @@ By removing the ETag header, you disable caches and browsers from being able to FileETag None ``` -### Enable gzip Compression for All Files Except for Images +### Enable gzip Compression for All Files Except Images This enables gzip compression for all files in the folder except for the images. Images are already compressed and re-compressing them is just waste of resources. ``` apacheconf SetOutputFilter DEFLATE @@ -406,7 +406,7 @@ This disables gzip compression for the folder. SetEnv no-gzip ``` -### 1 Day Caching +### One Day Caching Allows the contents of the folder to be cached for one day. This can be adjusted to any different number of seconds. ``` apacheconf Header set Cache-Control "max-age=86400, public" From 4f707e52ec637532830de9bc3303e3bb809493c8 Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 13:43:28 -0800 Subject: [PATCH 3/6] added two items to security section --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index 904b710..347bf3f 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,8 @@ What we are doing here is mostly collecting useful snippets from all over the in - [Disable Image Hotlinking for Specific Domains](#disable-image-hotlinking-for-specific-domains) - [Password Protect a Directory](#password-protect-a-directory) - [Password Protect a File or Several Files](#password-protect-a-file-or-several-files) + - [Block Visitors by Referrer](#block-visitors_by_referrer) + - [Prevent Framing the Site](#prevent_framing_the_site) - [Performance](#performance) - [Compress Text Files](#compress-text-files) - [Set Expires Headers](#set-expires-headers) @@ -286,6 +288,24 @@ Require valid-user ``` +### Block Visitors by Referrer +This denies access for all users whom are referred by a specific domain. +``` apacheconf +RewriteEngine on +# Options +FollowSymlinks +RewriteCond %{HTTP_REFERER} somedomain\.com [NC,OR] +RewriteCond %{HTTP_REFERER} anotherdomain\.com +RewriteRule .* - [F] +``` + +### Prevent Framing the Site +This prevents the website to be framed (i.e. into an iframe tag). However, it allows framing for a specific folder. +``` apacheconf +# prevent framing the site (except for myfolder) +SetEnvIf Request_URI "/myfolder" allow_framing=true +Header set X-Frame-Options SAMEORIGIN env=!allow_framing +``` + ## Performance ### Compress Text Files ``` apacheconf From 34281d3e03f62972842e19876ea5a03ad910ae05 Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 13:47:35 -0800 Subject: [PATCH 4/6] minor fix for the links --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 347bf3f..666a21d 100644 --- a/README.md +++ b/README.md @@ -34,8 +34,8 @@ What we are doing here is mostly collecting useful snippets from all over the in - [Disable Image Hotlinking for Specific Domains](#disable-image-hotlinking-for-specific-domains) - [Password Protect a Directory](#password-protect-a-directory) - [Password Protect a File or Several Files](#password-protect-a-file-or-several-files) - - [Block Visitors by Referrer](#block-visitors_by_referrer) - - [Prevent Framing the Site](#prevent_framing_the_site) + - [Block Visitors by Referrer](#block-visitors-by-referrer) + - [Prevent Framing the Site](#prevent-framing-the-site) - [Performance](#performance) - [Compress Text Files](#compress-text-files) - [Set Expires Headers](#set-expires-headers) From 61cf943593488ae3d0ad9f285eafa77abb13ff2e Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 13:56:53 -0800 Subject: [PATCH 5/6] added source for one of the items --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 666a21d..9fdd3ae 100644 --- a/README.md +++ b/README.md @@ -290,6 +290,7 @@ Require valid-user ### Block Visitors by Referrer This denies access for all users whom are referred by a specific domain. +[Source](http://www.htaccess-guide.com/deny-visitors-by-referrer) ``` apacheconf RewriteEngine on # Options +FollowSymlinks From a4aa24e6d4dcad4e06444ece9c3a4fd38dc09a83 Mon Sep 17 00:00:00 2001 From: skilledDeveloper Date: Mon, 23 Feb 2015 14:00:56 -0800 Subject: [PATCH 6/6] fixed the source link. it needed a trailing slash! --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9fdd3ae..b5d96da 100644 --- a/README.md +++ b/README.md @@ -290,7 +290,7 @@ Require valid-user ### Block Visitors by Referrer This denies access for all users whom are referred by a specific domain. -[Source](http://www.htaccess-guide.com/deny-visitors-by-referrer) +[Source](http://www.htaccess-guide.com/deny-visitors-by-referrer/) ``` apacheconf RewriteEngine on # Options +FollowSymlinks