@JohannesDeml
Last active October 21, 2022 11:02

Revisions

  1. JohannesDeml revised this gist Mar 2, 2020. 1 changed file with 14 additions and 0 deletions.
    14 changes: 14 additions & 0 deletions README.md
    @@ -0,0 +1,14 @@
    # Htacces for wordpress

    * Supports caching through mod_expires (See https://gist.github.com/solancer/a51cf728a119a16f4c6ce494864a2d47)
    * Working Content Security Policy that does not break wordpress functionality and supports embedding of external iframes (e.g. Youtube)

    ## Installation

    * Open an ftp client (e.g. [cyberduck](https://cyberduck.io/)) and connect to your server
    * Enable `Show hidden Files` (View-> Show hidden Files Ctrl+Shift+R)
    * Overwirte the htaccess file that is in the root directory of your wordpress installation

    ## Environment

    * Wordpress 5.3 on greengeeks with php 7.2
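Review bot: the Installation steps tell the reader to connect over FTP and overwrite the existing file; plain FTP sends the hosting account password in cleartext, so the step should say SFTP (Cyberduck supports it), and the existing .htaccess should be backed up before it is replaced, because the host or installed plugins may have added rules that an overwrite silently discards. Since a single syntax error in .htaccess makes Apache answer every request with a 500, the steps should end with loading a page to confirm the site still serves. Also fix the spelling in the heading and the last step: `Htacces` should be `htaccess`, `Overwirte` should be `Overwrite`, and the project spells its name `WordPress`.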
  2. JohannesDeml revised this gist Mar 2, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion .htaccess
    @@ -1,4 +1,4 @@
    # Secure HTACCESS wordpress config -
    # Secure HTACCESS wordpress config - https://gist.github.com/JohannesDeml/f714e47d6c6ea885f45f70bd34d927f8

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
  3. JohannesDeml created this gist Mar 2, 2020.
    97 changes: 97 additions & 0 deletions .htaccess
    @@ -0,0 +1,97 @@
    # Secure HTACCESS wordpress config -

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    # BEGIN HTTP security settings
    Header set Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    Header set Content-Security-Policy "default-src 'none'; img-src https://* data:; font-src https://* data:; connect-src 'self'; frame-src https://* 'unsafe-inline'; manifest-src 'self'; object-src 'self'; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; worker-src 'self'; block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; form-action https://* 'unsafe-inline';"
    Feature-Policy: autoplay 'none'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
    Header set Referrer-Policy: same-origin
    Header set X-XSS-Protection: "1; mode=block"
    # END HTTP security settings

    # BEGIN Caching - Source: https://gist.github.com/solancer/a51cf728a119a16f4c6ce494864a2d47
    <IfModule mod_expires.c>

    ExpiresActive on
    ExpiresDefault "access plus 1 month"

    # CSS
    ExpiresByType text/css "access plus 1 year"

    # Data interchange
    ExpiresByType application/atom+xml "access plus 1 hour"
    ExpiresByType application/rdf+xml "access plus 1 hour"
    ExpiresByType application/rss+xml "access plus 1 hour"

    ExpiresByType application/json "access plus 0 seconds"
    ExpiresByType application/ld+json "access plus 0 seconds"
    ExpiresByType application/schema+json "access plus 0 seconds"
    ExpiresByType application/vnd.geo+json "access plus 0 seconds"
    ExpiresByType application/xml "access plus 0 seconds"
    ExpiresByType text/xml "access plus 0 seconds"

    # Favicon (cannot be renamed!) and cursor images
    ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
    ExpiresByType image/x-icon "access plus 1 week"

    # HTML
    ExpiresByType text/html "access plus 0 seconds"

    # JavaScript
    ExpiresByType application/javascript "access plus 1 year"
    ExpiresByType application/x-javascript "access plus 1 year"
    ExpiresByType text/javascript "access plus 1 year"

    # Manifest files
    ExpiresByType application/manifest+json "access plus 1 year"

    ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
    ExpiresByType text/cache-manifest "access plus 0 seconds"

    # Media files
    ExpiresByType audio/ogg "access plus 1 month"
    ExpiresByType image/bmp "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/svg+xml "access plus 1 month"
    ExpiresByType image/webp "access plus 1 month"
    ExpiresByType video/mp4 "access plus 1 month"
    ExpiresByType video/ogg "access plus 1 month"
    ExpiresByType video/webm "access plus 1 month"

    # Web fonts

    # Embedded OpenType (EOT)
    ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    ExpiresByType font/eot "access plus 1 month"

    # OpenType
    ExpiresByType font/opentype "access plus 1 month"

    # TrueType
    ExpiresByType application/x-font-ttf "access plus 1 month"

    # Web Open Font Format (WOFF) 1.0
    ExpiresByType application/font-woff "access plus 1 month"
    ExpiresByType application/x-font-woff "access plus 1 month"
    ExpiresByType font/woff "access plus 1 month"

    # Web Open Font Format (WOFF) 2.0
    ExpiresByType application/font-woff2 "access plus 1 month"

    # Other
    ExpiresByType text/x-cross-domain-policy "access plus 1 week"

    </IfModule>
    # END Caching
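Review bot: the `Feature-Policy:` line in the HTTP security settings block is a raw header line, not an Apache directive, so Apache will reject the file (`Invalid command 'Feature-Policy:'`, which for a .htaccess means a 500 on every request); it needs the same form as its neighbours, `Header set Feature-Policy "autoplay 'none'; camera 'none'; ..."`. The Strict-Transport-Security line has a related problem: its value is unquoted, so Apache reads it only up to the first space and treats `includeSubDomains; preload` as further arguments to `Header` rather than as part of the header value; quote it as the Content-Security-Policy line does. Consider `Header always set` for all of these so that 404 and other error responses carry them too, and wrap the block in `<IfModule mod_headers.c>` so a host without mod_headers serves the site without the headers instead of failing. On the Content-Security-Policy itself: `'unsafe-inline'` only has meaning in script-src and style-src, so drop it from frame-src and form-action; there is no media-src, and with `default-src 'none'` that blocks the video/mp4, video/webm and audio/ogg files the caching section below prepares for, so add something like `media-src 'self' https://*`; there is no frame-ancestors (and no X-Frame-Options), so any origin can still frame the site; and `script-src https://* 'unsafe-inline' 'unsafe-eval'` permits any inline script and any HTTPS-hosted script, so this policy stops mixed content but does not mitigate XSS, which is worth stating plainly wherever the CSP is described as "working". `object-src 'self'` can be `'none'` unless the site actually serves plugin content. Two caveats on the remaining headers: `preload` on HSTS is a commitment to serve every subdomain over HTTPS for at least a year and is hard to withdraw once submitted to the preload list, and X-XSS-Protection enables a browser filter that Chrome removed in 2019 and that could itself be abused to suppress legitimate scripts, so current guidance is to send `0` or omit it. In the caching section, the one-year expiry on CSS and JavaScript is only safe for URLs that change when the content changes (WordPress appends `?ver=` to enqueued assets, but hand-linked files will go stale in browser caches), and `application/manifest+json` at one year means an updated web app manifest will not be picked up by returning visitors for a year.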