Diff -- /var/www/vhosts/webstls.com/httpdocs/.htaccess
Diff
/var/www/vhosts/webstls.com/httpdocs/.htaccess
deleted on WebSTLs (webstls.com) at 2026-07-12 01:40:04
Added
+0
lines
Removed
-59
lines
Context
0
unchanged
Blobs
from 3bb39bb1c9c8
to
to
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.| 1 | # ===================================================================== | |
| 2 | # WebSTLs — webroot .htaccess | |
| 3 | # Lives at /var/www/vhosts/webstls.com/httpdocs/.htaccess | |
| 4 | # | |
| 5 | # This file controls how Apache treats files in this directory and below. | |
| 6 | # Only directives that are LEGAL inside .htaccess are used (no <Directory> | |
| 7 | # or <VirtualHost> blocks — those are reserved for the main server config). | |
| 8 | # ===================================================================== | |
| 9 | ||
| 10 | # ----- CGI execution ---------------------------------------------------- | |
| 11 | # Treat *.cgi files as CGI scripts. Plus a sane index file order. | |
| 12 | Options +ExecCGI -Indexes +FollowSymLinks | |
| 13 | AddHandler cgi-script .cgi | |
| 14 | DirectoryIndex index.cgi index.html | |
| 15 | ||
| 16 | # ----- Wildcard subdomain → storefront ---------------------------------- | |
| 17 | # Any <name>.webstls.com hits store.cgi?subdomain=<name>. Skipped for the | |
| 18 | # canonical webstls.com / www.webstls.com hosts so the marketing site keeps | |
| 19 | # working normally. | |
| 20 | <IfModule mod_rewrite.c> | |
| 21 | RewriteEngine On | |
| 22 | ||
| 23 | RewriteCond %{HTTP_HOST} !^webstls\.com$ [NC] | |
| 24 | RewriteCond %{HTTP_HOST} !^www\.webstls\.com$ [NC] | |
| 25 | RewriteCond %{HTTP_HOST} ^([a-z0-9-]+)\.webstls\.com$ [NC] | |
| 26 | RewriteRule ^/?$ /store.cgi?subdomain=%1 [L,QSA] | |
| 27 | </IfModule> | |
| 28 | ||
| 29 | # ----- Block sensitive files everywhere under the webroot --------------- | |
| 30 | # *.sql — db_schema.sql and any SQL dumps | |
| 31 | # *.pm — Perl modules accidentally placed in the webroot | |
| 32 | # *.log — error / debug logs | |
| 33 | # *.bak — editor backup files | |
| 34 | # *.prev — pre-edit copies | |
| 35 | <FilesMatch "\.(sql|pm|log|bak|prev|dat|db)$"> | |
| 36 | Require all denied | |
| 37 | </FilesMatch> | |
| 38 | ||
| 39 | # ----- Force HTTPS (uncomment once your SSL cert is fully in place) ----- | |
| 40 | # RewriteEngine On | |
| 41 | # RewriteCond %{HTTPS} !=on | |
| 42 | # RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301] | |
| 43 | ||
| 44 | # ----- Long-cache static assets ----------------------------------------- | |
| 45 | # CSS, JS, fonts, images get a year of cache. Bust by appending a | |
| 46 | # version querystring (e.g. /assets/css/site.css?v=2026-05) when you | |
| 47 | # change them. | |
| 48 | <FilesMatch "\.(css|js|woff2?|ttf|eot|webp|png|jpg|jpeg|gif|svg|ico)$"> | |
| 49 | <IfModule mod_headers.c> | |
| 50 | Header set Cache-Control "public, max-age=31536000, immutable" | |
| 51 | </IfModule> | |
| 52 | </FilesMatch> | |
| 53 | ||
| 54 | # ----- Light security headers ------------------------------------------- | |
| 55 | <IfModule mod_headers.c> | |
| 56 | Header always set X-Content-Type-Options "nosniff" | |
| 57 | Header always set X-Frame-Options "SAMEORIGIN" | |
| 58 | Header always set Referrer-Policy "strict-origin-when-cross-origin" | |
| 59 | </IfModule> |