It looks like you're new here. If you want to get involved, click one of these buttons!
Hello! here the dout we have all the time, so i have think to post my htaccess and see if is of any help or it is wrong or or or!
<FilesMatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
#Order Allow,Deny
#Deny from all
Require all granted
</FilesMatch>
<FilesMatch "\.(js|css|jpg|png|jpeg|gif|xml|json|txt|pdf|mov|avi|otf|woff|ico|swf)$">
RequestHeader unset Cookie
Header unset Cookie
Header unset Set-Cookie
</FilesMatch>
<IfModule pagespeed_module>
ModPagespeed on
ModPagespeedEnableFilters rewrite_css,combine_css
ModPagespeedEnableFilters recompress_images
ModPagespeedEnableFilters convert_png_to_jpeg,convert_jpeg_to_webp
ModPagespeedEnableFilters collapse_whitespace,remove_comments
</IfModule>
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
# If we receive a forwarded http request from a proxy...
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
# ...or just a plain old http request directly from the client
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{SERVER_PORT} 80
# Prevent Hacks
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
# Get rid of index.php
RewriteCond %{REQUEST_URI} /index\.php
RewriteRule (.*) index.php?rewrite=2 [L,QSA]
# Rewrite all directory-looking urls
RewriteCond %{REQUEST_URI} /$
RewriteRule (.*) index.php?rewrite=1 [L,QSA]
# Try to route missing files
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} public\/ [OR]
RewriteCond %{REQUEST_FILENAME} \.(jpg|gif|png|ico|flv|htm|html|php|css|js)$
RewriteRule . - [L]
# If the file doesnt exist, rewrite to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?rewrite=1 [L,QSA]
</IfModule>
<FilesMatch "\.css$">
SetHandler application/x-httpd-php
Header set Content-type "text/css"
</FilesMatch>
<FilesMatch "\.js$">
SetHandler application/x-httpd-php
Header set Content-type "application/javascript"
</FilesMatch>
# sends requests /index.php/path/to/module/ to "index.php"
# AcceptPathInfo On
# @todo This may not be effective in some cases
FileETag Size
<IfModule mod_deflate.c>
<filesmatch "\.(js|css|ico|txt|htm|html|php)$">
SetOutputFilter DEFLATE
</filesmatch>
</ifmodule>
# Speed up caching
FileETag MTime Size
# Expires
ExpiresActive On
ExpiresDefault "access plus 366 days"
# Future Expires Headers
<filesmatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Sat, 29 Dec 2030 23:59:59 GMT"
</filesmatch>
<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year"
# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
# CSS
ExpiresByType text/css "access 1 month"
# Webfonts
ExpiresByType font/truetype "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
<IfModule mod_headers.c>
Header append Cache-Control "public"
</IfModule>
</IfModule>
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://yourdomain.tlc/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://yourdomain.tlc$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.tlc/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.tlc$ [NC]
RewriteCond %{HTTP_REFERER} !^https://yourdomain.tlc/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://yourdomain.tlc$ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.yourdomain.tlc/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^https://www.yourdomain.tlc$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]
Comments
Where did you get that htaccess from? Did you find it online someplace?
I hav emake it assembly parts i have found here and there, why is it wrong? - cries
Btw is my htaccess the one i use for myself
Oh I was making sure you didn't get it from an unsafe site. I don't know if it's good or not. I just want to make sure you aren't getting advice from a site with hackers.
hehe no no i mad eit by myself finding here and ther epieces abotu security and about cookies expiration
Hm.... Try to play with your code. Because it is strange