Diff -- /var/www/vhosts/webstls.com/httpdocs/.htaccess

O Operator
Diff

/var/www/vhosts/webstls.com/httpdocs/.htaccess

added on WebSTLs (webstls.com) at 2026-07-01 22:26:14

Added
+0
lines
Removed
-0
lines
Context
59
unchanged
Blobs
from 3bb39bb1c9c8
to 3bb39bb1c9c8
Restore this content →
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.
11# =====================================================================
22# WebSTLs — webroot .htaccess
33# Lives at /var/www/vhosts/webstls.com/httpdocs/.htaccess
44#
55# This file controls how Apache treats files in this directory and below.
66# Only directives that are LEGAL inside .htaccess are used (no <Directory>
77# or <VirtualHost> blocks — those are reserved for the main server config).
88# =====================================================================
99
1010# ----- CGI execution ----------------------------------------------------
1111# Treat *.cgi files as CGI scripts. Plus a sane index file order.
1212Options +ExecCGI -Indexes +FollowSymLinks
1313AddHandler cgi-script .cgi
1414DirectoryIndex index.cgi index.html
1515
1616# ----- Wildcard subdomain → storefront ----------------------------------
1717# Any <name>.webstls.com hits store.cgi?subdomain=<name>. Skipped for the
1818# canonical webstls.com / www.webstls.com hosts so the marketing site keeps
1919# working normally.
2020<IfModule mod_rewrite.c>
2121 RewriteEngine On
2222
2323 RewriteCond %{HTTP_HOST} !^webstls\.com$ [NC]
2424 RewriteCond %{HTTP_HOST} !^www\.webstls\.com$ [NC]
2525 RewriteCond %{HTTP_HOST} ^([a-z0-9-]+)\.webstls\.com$ [NC]
2626 RewriteRule ^/?$ /store.cgi?subdomain=%1 [L,QSA]
2727</IfModule>
2828
2929# ----- Block sensitive files everywhere under the webroot ---------------
3030# *.sql — db_schema.sql and any SQL dumps
3131# *.pm — Perl modules accidentally placed in the webroot
3232# *.log — error / debug logs
3333# *.bak — editor backup files
3434# *.prev — pre-edit copies
3535<FilesMatch "\.(sql|pm|log|bak|prev|dat|db)$">
3636 Require all denied
3737</FilesMatch>
3838
3939# ----- Force HTTPS (uncomment once your SSL cert is fully in place) -----
4040# RewriteEngine On
4141# RewriteCond %{HTTPS} !=on
4242# RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
4343
4444# ----- Long-cache static assets -----------------------------------------
4545# CSS, JS, fonts, images get a year of cache. Bust by appending a
4646# version querystring (e.g. /assets/css/site.css?v=2026-05) when you
4747# change them.
4848<FilesMatch "\.(css|js|woff2?|ttf|eot|webp|png|jpg|jpeg|gif|svg|ico)$">
4949 <IfModule mod_headers.c>
5050 Header set Cache-Control "public, max-age=31536000, immutable"
5151 </IfModule>
5252</FilesMatch>
5353
5454# ----- Light security headers -------------------------------------------
5555<IfModule mod_headers.c>
5656 Header always set X-Content-Type-Options "nosniff"
5757 Header always set X-Frame-Options "SAMEORIGIN"
5858 Header always set Referrer-Policy "strict-origin-when-cross-origin"
5959</IfModule>