Diff -- /var/www/vhosts/webstls.com/httpdocs/.htaccess
Diff
/var/www/vhosts/webstls.com/httpdocs/.htaccess
added on WebSTLs (webstls.com) at 2026-07-01 22:26:14
Added
+0
lines
Removed
-0
lines
Context
59
unchanged
Blobs
from 3bb39bb1c9c8
to 3bb39bb1c9c8
to 3bb39bb1c9c8
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.| 1 | 1 | # ===================================================================== |
| 2 | 2 | # WebSTLs — webroot .htaccess |
| 3 | 3 | # Lives at /var/www/vhosts/webstls.com/httpdocs/.htaccess |
| 4 | 4 | # |
| 5 | 5 | # This file controls how Apache treats files in this directory and below. |
| 6 | 6 | # Only directives that are LEGAL inside .htaccess are used (no <Directory> |
| 7 | 7 | # or <VirtualHost> blocks — those are reserved for the main server config). |
| 8 | 8 | # ===================================================================== |
| 9 | 9 | |
| 10 | 10 | # ----- CGI execution ---------------------------------------------------- |
| 11 | 11 | # Treat *.cgi files as CGI scripts. Plus a sane index file order. |
| 12 | 12 | Options +ExecCGI -Indexes +FollowSymLinks |
| 13 | 13 | AddHandler cgi-script .cgi |
| 14 | 14 | DirectoryIndex index.cgi index.html |
| 15 | 15 | |
| 16 | 16 | # ----- Wildcard subdomain → storefront ---------------------------------- |
| 17 | 17 | # Any <name>.webstls.com hits store.cgi?subdomain=<name>. Skipped for the |
| 18 | 18 | # canonical webstls.com / www.webstls.com hosts so the marketing site keeps |
| 19 | 19 | # working normally. |
| 20 | 20 | <IfModule mod_rewrite.c> |
| 21 | 21 | RewriteEngine On |
| 22 | 22 | |
| 23 | 23 | RewriteCond %{HTTP_HOST} !^webstls\.com$ [NC] |
| 24 | 24 | RewriteCond %{HTTP_HOST} !^www\.webstls\.com$ [NC] |
| 25 | 25 | RewriteCond %{HTTP_HOST} ^([a-z0-9-]+)\.webstls\.com$ [NC] |
| 26 | 26 | RewriteRule ^/?$ /store.cgi?subdomain=%1 [L,QSA] |
| 27 | 27 | </IfModule> |
| 28 | 28 | |
| 29 | 29 | # ----- Block sensitive files everywhere under the webroot --------------- |
| 30 | 30 | # *.sql — db_schema.sql and any SQL dumps |
| 31 | 31 | # *.pm — Perl modules accidentally placed in the webroot |
| 32 | 32 | # *.log — error / debug logs |
| 33 | 33 | # *.bak — editor backup files |
| 34 | 34 | # *.prev — pre-edit copies |
| 35 | 35 | <FilesMatch "\.(sql|pm|log|bak|prev|dat|db)$"> |
| 36 | 36 | Require all denied |
| 37 | 37 | </FilesMatch> |
| 38 | 38 | |
| 39 | 39 | # ----- Force HTTPS (uncomment once your SSL cert is fully in place) ----- |
| 40 | 40 | # RewriteEngine On |
| 41 | 41 | # RewriteCond %{HTTPS} !=on |
| 42 | 42 | # RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301] |
| 43 | 43 | |
| 44 | 44 | # ----- Long-cache static assets ----------------------------------------- |
| 45 | 45 | # CSS, JS, fonts, images get a year of cache. Bust by appending a |
| 46 | 46 | # version querystring (e.g. /assets/css/site.css?v=2026-05) when you |
| 47 | 47 | # change them. |
| 48 | 48 | <FilesMatch "\.(css|js|woff2?|ttf|eot|webp|png|jpg|jpeg|gif|svg|ico)$"> |
| 49 | 49 | <IfModule mod_headers.c> |
| 50 | 50 | Header set Cache-Control "public, max-age=31536000, immutable" |
| 51 | 51 | </IfModule> |
| 52 | 52 | </FilesMatch> |
| 53 | 53 | |
| 54 | 54 | # ----- Light security headers ------------------------------------------- |
| 55 | 55 | <IfModule mod_headers.c> |
| 56 | 56 | Header always set X-Content-Type-Options "nosniff" |
| 57 | 57 | Header always set X-Frame-Options "SAMEORIGIN" |
| 58 | 58 | Header always set Referrer-Policy "strict-origin-when-cross-origin" |
| 59 | 59 | </IfModule> |