Simplify .htaccess. Get working from /tkr. Make that the default for apache. Simplify caching.
parent
694bdf9da6
commit
050676260a
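--- a/examples/apache/.htaccess
+++ b/examples/apache/.htaccess
@@ -0,0 +1,34 @@
+# Enable mod_rewrite
+RewriteEngine On
+
+# Security headers
+Header always set X-Frame-Options "SAMEORIGIN"
+Header always set X-XSS-Protection "1; mode=block"
+Header always set X-Content-Type-Options "nosniff"
+
+# Directory index
+DirectoryIndex public/index.php
+
+# Security: Block direct access to .php files (except through rewrites)
+RewriteCond %{THE_REQUEST} \s/[^?\s]*\.php[\s?] [NC]
+RewriteRule ^.*$ - [R=404,L]
+
+# Security: Block access to sensitive directories
+RewriteRule ^(storage|src|templates|uploads|config)(/.*)?$ - [F,L]
+
+# Security: Block access to hidden files
+RewriteRule ^\..*$ - [F,L]
+
+# Cache static files for 1 hour
+<FilesMatch "\.css$">
+Header set Cache-Control "public, max-age=3600"
+</FilesMatch>
+
+# Serve the one static file we allow: css/tkr.css (but not css/custom/)
+RewriteCond %{REQUEST_URI} !^/css/custom/
+RewriteRule ^css/tkr\.css$ public/css/tkr.css [L]
+
+# Everything else goes to the front controller
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^(.*)$ public/index.php [L]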
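Review bot: The final rule keeps `RewriteCond %{REQUEST_FILENAME} !-f` and `!-d`, so any file or directory that exists on disk and is not caught by an earlier deny rule is served by Apache directly, which contradicts the comment that css/tkr.css is the one static file allowed. The deny rules are a list of names (`storage|src|templates|uploads|config`, `.php`, and a leading dot matched by `^\..*$`, which is anchored to the start of the path), so other existing files, anything under `public/`, or a dotfile in a subdirectory would presumably bypass the front controller. Dropping the two conditions and ending rewrite processing explicitly turns the comment into an actual allow-list: `RewriteRule ^css/tkr\.css$ public/css/tkr.css [END]` and `RewriteRule ^ public/index.php [END]` (Apache 2.4). Separately, `X-XSS-Protection "1; mode=block"` is no longer honoured by current browsers; a `Content-Security-Policy` header is the supported replacement.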
@ -1,59 +0,0 @@
|
||||
# Enable mod_rewrite
|
||||
RewriteEngine On
|
||||
|
||||
# Security headers
|
||||
# The first rule is to prevent including in a frame on a different domain.
|
||||
# Remove it if you want to do that.
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
Header always set X-Content-Type-Options "nosniff"
|
||||
|
||||
# Directory index
|
||||
# (Not actually used because everything gets handled by a rewrite rule
|
||||
# , but I'm keeping it for clarity about what's going on.)
|
||||
DirectoryIndex index.php
|
||||
|
||||
# Deny access to hidden files (e.g. .htaccess)
|
||||
<FilesMatch "^\.">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
# Cache static files (excluding css/custom which goes through PHP)
|
||||
# Note that I don't actually serve most of this (just css)
|
||||
# but this prevents requests for static content from getting to the PHP handler.
|
||||
#
|
||||
# The /css/custom directory is excluded from this in a RewriteCond below:
|
||||
# RewriteCond %{REQUEST_URI} !^/tkr/css/custom/
|
||||
#
|
||||
# Those requests are handled by the PHP app to serve custom css
|
||||
<FilesMatch "\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$">
|
||||
ExpiresActive On
|
||||
ExpiresDefault "access plus 1 year"
|
||||
Header set Cache-Control "public, max-age=31536000, immutable"
|
||||
</FilesMatch>
|
||||
|
||||
# Process PHP files
|
||||
<FilesMatch "\.php$">
|
||||
SetHandler application/x-httpd-php
|
||||
</FilesMatch>
|
||||
|
||||
# Skip rewriting if already in /tkr/public/ (prevents infinite loops)
|
||||
RewriteRule ^tkr/public/ - [L]
|
||||
|
||||
# Block direct access to all .php files
|
||||
# but allow internal rewrites to index.php
|
||||
RewriteCond %{THE_REQUEST} \.php [NC]
|
||||
RewriteRule ^.*\.php$ - [R=404,L]
|
||||
|
||||
# Block access to sensitive directories
|
||||
RewriteRule ^(storage|src|templates|uploads|config)(/.*)?$ - [F,L]
|
||||
|
||||
# If it's a static file that exists in /tkr/public, serve it directly
|
||||
# (but exclude css/custom which should go through PHP)
|
||||
RewriteCond %{REQUEST_URI} !^/css/custom/
|
||||
RewriteCond %{DOCUMENT_ROOT}/tkr/public%{REQUEST_URI} -f
|
||||
RewriteRule ^(.*)$ /tkr/public/$1 [L]
|
||||
|
||||
# Send everything else to the front controller
|
||||
# (/tkr/public/index.php)
|
||||
RewriteRule ^.*$ /tkr/public/index.php [L]
|
@ -1,61 +0,0 @@
|
||||
# Enable mod_rewrite
|
||||
RewriteEngine On
|
||||
|
||||
# Security headers
|
||||
# The first rule is to prevent including in a frame on a different domain.
|
||||
# Remove it if you want to do that.
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
Header always set X-Content-Type-Options "nosniff"
|
||||
|
||||
# Directory index
|
||||
DirectoryIndex index.php
|
||||
|
||||
# Deny access to hidden files (e.g. .htaccess)
|
||||
<FilesMatch "^\.">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
# Cache static files (excluding css/custom which goes through PHP)
|
||||
# Note that I don't actually serve most of this (just css)
|
||||
# but this prevents requests for static content from getting to the PHP handler.
|
||||
#
|
||||
# The /css/custom directory is excluded from this in a RewriteCond below:
|
||||
# RewriteCond %{REQUEST_URI} !^/tkr/css/custom/
|
||||
#
|
||||
# Those requests are handled by the PHP app to serve custom css
|
||||
<FilesMatch "\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$">
|
||||
ExpiresActive On
|
||||
ExpiresDefault "access plus 1 year"
|
||||
Header set Cache-Control "public, max-age=31536000, immutable"
|
||||
</FilesMatch>
|
||||
|
||||
# Process PHP files
|
||||
<FilesMatch "\.php$">
|
||||
SetHandler application/x-httpd-php
|
||||
</FilesMatch>
|
||||
|
||||
# Skip rewriting if already in /tkr/public/ (prevents infinite loops)
|
||||
RewriteRule ^tkr/public/ - [L]
|
||||
|
||||
# Block direct access to all .php files
|
||||
# but allow internal rewrites to index.php
|
||||
RewriteCond %{THE_REQUEST} \.php [NC]
|
||||
RewriteRule ^.*\.php$ - [R=404,L]
|
||||
|
||||
# Block access to sensitive directories under /tkr
|
||||
RewriteRule ^tkr/(storage|src|templates|uploads|config)(/.*)?$ - [F,L]
|
||||
|
||||
# Handle /tkr requests
|
||||
# (keep the path after /tkr for the next directive)
|
||||
RewriteCond %{REQUEST_URI} ^/tkr(/.*)?$
|
||||
|
||||
# If it's a static file that exists in /tkr/public, serve it directly
|
||||
# (e.g. /tkr/public/css/tkr.css)
|
||||
RewriteCond %{REQUEST_URI} !^/tkr/css/custom/
|
||||
RewriteCond %{DOCUMENT_ROOT}/tkr/public%1 -f
|
||||
RewriteRule ^tkr(/.*)?$ /tkr/public$1 [L]
|
||||
|
||||
# Send everything else to the front controller
|
||||
# (/tkr/public/index.php)
|
||||
RewriteRule ^tkr(/.*)?$ /tkr/public/index.php [L]
|
@ -9,7 +9,7 @@
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<link rel="stylesheet"
|
||||
href="<?= htmlspecialchars($config->basePath) ?>css/tkr.css?v=<?= time() ?>">
|
||||
href="<?= htmlspecialchars($config->basePath) ?>css/tkr.css">
|
||||
<?php if (!empty($config->cssId)): ?>
|
||||
<link rel="stylesheet"
|
||||
href="<?= htmlspecialchars($config->basePath) ?>css/custom/<?= htmlspecialchars($config->customCssFilename()) ?>">
|
||||
|
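Review bot: With the `?v=` query gone from the tkr.css href (assuming the variant without it is the new side; the page does not mark which is which), nothing in the URL changes when the stylesheet does, while the new .htaccess in this commit caches `.css` responses for an hour. After an upgrade, browsers may therefore keep rendering with the previous tkr.css until the cached copy expires. A version token that changes only when the file changes (its modification time or the release version) would keep the caching benefit without stale styles. The template continues outside this hunk.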