.htaccess
# Per-directory Apache configuration: front-controller routing through
# index.php plus a set of response headers.
# When a directory is requested, try index.php first, then index.html.
DirectoryIndex index.php index.html
RewriteEngine on
# Pass the request through unchanged ("-" = no substitution) when it maps to an
# existing file (-f) or directory (-d), or when the requested path starts with
# robots.txt, favicon.ico or style.css (the pattern has no end anchor).
# NOTE(review): because of -f/-d, every file that exists under this directory
# is served directly and never reaches the front controller; keep
# configuration, backup and dependency files outside the web root or deny
# them explicitly.
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond $1 ^(robots\.txt|favicon\.ico|style\.css)
RewriteRule ^(.*)$ - [L]
# Everything else goes to index.php (front controller), with the original
# path appended after the script name.
RewriteRule ^(.*)$ ./index.php/$1 [L]
# The Header directives below need mod_headers. They are not wrapped in
# <IfModule>, so if the module is missing Apache rejects this file instead of
# silently serving responses without the headers.
# NOTE(review): plain "Header set" uses the default "onsuccess" condition;
# "Header always set" would also cover Apache-generated error responses.
# Confirm how the application sets its own headers before switching.
# Legacy switch for the reflected-XSS filter in older browsers (IE8+). Current
# browsers ignore this header, so it is not an XSS control on its own; a
# Content-Security-Policy and output encoding are what to rely on.
Header set X-XSS-Protection "1; mode=block"
# Stop browsers from MIME-sniffing a response into a type other than the
# declared Content-Type.
Header set X-Content-Type-Options "nosniff"
# Don't allow any pages to be framed. This defends against clickjacking
# (UI redress), not CSRF: CSRF protection still has to come from the
# application (anti-CSRF tokens, SameSite cookies).
Header set X-Frame-Options DENY
# Remove the X-Powered-By header so the PHP version is not advertised. This
# only reduces fingerprinting; it does not replace patching PHP.
# expose_php = Off in php.ini stops the header at the source.
Header unset X-Powered-By
# Eliminate ETags: strip the header from responses and stop Apache from
# generating one for static files.
# NOTE(review): the reason is not stated here - presumably cache consistency
# or avoiding file-metadata exposure; confirm.
Header unset Etag
FileETag none