2.14.2.9. Стандартний .htaccess для Joomla!

Вміст стандартного .htaccess для Joomla! (GitHub):

  1. ##
  2. # @package Joomla
  3. # @copyright Copyright (C) 2005 - 2020 Open Source Matters. All rights reserved.
  4. # @license GNU General Public License version 2 or later; see LICENSE.txt
  5. ##
  6.  
  7. ##
  8. # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
  9. #
  10. # The line 'Options +FollowSymLinks' may cause problems with some server configurations.
  11. # It is required for the use of Apache mod_rewrite, but it may have already been set by
  12. # your server administrator in a way that disallows changing it in this .htaccess file.
  13. # If using it causes your site to produce an error, comment it out (add # to the
  14. # beginning of the line), reload your site in your browser and test your sef urls. If
  15. # they work, then it has been set by your server administrator and you do not need to
  16. # set it here.
  17. ##
  18.  
  19. ## No directory listings
  20. <IfModule mod_autoindex.c>
  21. IndexIgnore *
  22. </IfModule>
  23.  
  24. ## Suppress mime type detection in browsers for unknown types
  25. <IfModule mod_headers.c>
  26. Header always set X-Content-Type-Options "nosniff"
  27. ##
  28. # Disable Federated Learning of Cohorts (FLoC)
  29. # If you uncomment the below directive you have to allow this technology in the
  30. # Global Configuration of Joomla. Read more about this in the Post-Installation
  31. # message in the backend.
  32. ##
  33. # Header always set Permissions-Policy "interest-cohort=()"
  34. </IfModule>
  35.  
  36. ## Can be commented out if causes errors, see notes above.
  37. Options +SymLinksIfOwnerMatch
  38. Options -Indexes
  39.  
  40. ## Disable inline JavaScript when directly opening SVG files or embedding them with the object-tag
  41. <FilesMatch "\.svg$">
  42. <IfModule mod_headers.c>
  43. Header always set Content-Security-Policy "script-src 'none'"
  44. </IfModule>
  45. </FilesMatch>
  46.  
  47. ## Mod_rewrite in use.
  48.  
  49. RewriteEngine On
  50.  
  51. ## Begin - Rewrite rules to block out some common exploits.
  52. # If you experience problems on your site then comment out the operations listed
  53. # below by adding a # to the beginning of the line.
  54. # This attempts to block the most common type of exploit `attempts` on Joomla!
  55. #
  56. # Block any script trying to base64_encode data within the URL.
  57. RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
  58. # Block any script that includes a <script> tag in URL.
  59. RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
  60. # Block any script trying to set a PHP GLOBALS variable via URL.
  61. RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
  62. # Block any script trying to modify a _REQUEST variable via URL.
  63. RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
  64. # Return 403 Forbidden header and show the content of the root home page
  65. RewriteRule .* index.php [F]
  66. #
  67. ## End - Rewrite rules to block out some common exploits.
  68.  
  69. ## Begin - Custom redirects
  70. #
  71. # If you need to redirect some pages, or set a canonical non-www to
  72. # www redirect (or vice versa), place that code here. Ensure those
  73. # redirects use the correct RewriteRule syntax and the [R=301,L] flags.
  74. #
  75. ## End - Custom redirects
  76.  
  77. ##
  78. # Uncomment the following line if your webserver's URL
  79. # is not directly related to physical file paths.
  80. # Update Your Joomla! Directory (just / for root).
  81. ##
  82.  
  83. # RewriteBase /
  84.  
  85. ## Begin - Joomla! core SEF Section.
  86. #
  87. RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  88. #
  89. # If the requested path and file is not /index.php and the request
  90. # has not already been internally rewritten to the index.php script
  91. RewriteCond %{REQUEST_URI} !^/index\.php
  92. # and the requested path and file doesn't directly match a physical file
  93. RewriteCond %{REQUEST_FILENAME} !-f
  94. # and the requested path and file doesn't directly match a physical folder
  95. RewriteCond %{REQUEST_FILENAME} !-d
  96. # internally rewrite the request to the index.php script
  97. RewriteRule .* index.php [L]
  98. #
  99. ## End - Joomla! core SEF Section.

Директива в рядку 37 змінена для сумісності з нашим хостингом.

Зміст