Diff -- /var/www/vhosts/webstls.com/httpdocs/.htaccess

O Operator
Diff

/var/www/vhosts/webstls.com/httpdocs/.htaccess

deleted on WebSTLs (webstls.com) at 2026-07-12 13:55:02

Added
+0
lines
Removed
-59
lines
Context
0
unchanged
Blobs
from 3bb39bb1c9c8
to
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.
1# =====================================================================
2# WebSTLs — webroot .htaccess
3# Lives at /var/www/vhosts/webstls.com/httpdocs/.htaccess
4#
5# This file controls how Apache treats files in this directory and below.
6# Only directives that are LEGAL inside .htaccess are used (no <Directory>
7# or <VirtualHost> blocks — those are reserved for the main server config).
8# =====================================================================
9
10# ----- CGI execution ----------------------------------------------------
11# Treat *.cgi files as CGI scripts. Plus a sane index file order.
12Options +ExecCGI -Indexes +FollowSymLinks
13AddHandler cgi-script .cgi
14DirectoryIndex index.cgi index.html
15
16# ----- Wildcard subdomain → storefront ----------------------------------
17# Any <name>.webstls.com hits store.cgi?subdomain=<name>. Skipped for the
18# canonical webstls.com / www.webstls.com hosts so the marketing site keeps
19# working normally.
20<IfModule mod_rewrite.c>
21 RewriteEngine On
22
23 RewriteCond %{HTTP_HOST} !^webstls\.com$ [NC]
24 RewriteCond %{HTTP_HOST} !^www\.webstls\.com$ [NC]
25 RewriteCond %{HTTP_HOST} ^([a-z0-9-]+)\.webstls\.com$ [NC]
26 RewriteRule ^/?$ /store.cgi?subdomain=%1 [L,QSA]
27</IfModule>
28
29# ----- Block sensitive files everywhere under the webroot ---------------
30# *.sql — db_schema.sql and any SQL dumps
31# *.pm — Perl modules accidentally placed in the webroot
32# *.log — error / debug logs
33# *.bak — editor backup files
34# *.prev — pre-edit copies
35<FilesMatch "\.(sql|pm|log|bak|prev|dat|db)$">
36 Require all denied
37</FilesMatch>
38
39# ----- Force HTTPS (uncomment once your SSL cert is fully in place) -----
40# RewriteEngine On
41# RewriteCond %{HTTPS} !=on
42# RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
43
44# ----- Long-cache static assets -----------------------------------------
45# CSS, JS, fonts, images get a year of cache. Bust by appending a
46# version querystring (e.g. /assets/css/site.css?v=2026-05) when you
47# change them.
48<FilesMatch "\.(css|js|woff2?|ttf|eot|webp|png|jpg|jpeg|gif|svg|ico)$">
49 <IfModule mod_headers.c>
50 Header set Cache-Control "public, max-age=31536000, immutable"
51 </IfModule>
52</FilesMatch>
53
54# ----- Light security headers -------------------------------------------
55<IfModule mod_headers.c>
56 Header always set X-Content-Type-Options "nosniff"
57 Header always set X-Frame-Options "SAMEORIGIN"
58 Header always set Referrer-Policy "strict-origin-when-cross-origin"
59</IfModule>