Of Stack

web. config (IIS) and.htaccess (Apache) configurations

  • 2021-07-09 09:35:41
  • OfStack

xml 


<?xml version="1.0" encoding="UTF-8"?>
<configuration>
	<system.webServer>

		<httpProtocol>
			<customHeaders>
				<add name="Access-Control-Allow-Origin" value="URL_TO_ALLOW"/>
				<add name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,OPTIONS"/>
				<add name="Access-Control-Allow-Headers" value="Content-Type"/>
			</customHeaders>
		</httpProtocol>

</system.webServer>
</configuration>

forceHTTPS 


<?xml version="1.0" encoding="UTF-8"?>
<configuration>
	<system.webServer>

		<rewrite>
			<rules>

			<rule name="Force HTTPS" stopProcessing="true">
  		<match url="(.*)" />
  		<conditions logicalGrouping="MatchAll">
    	<add input="{HTTPS}" pattern="off" ignoreCase="true" />
    	<add input="{REQUEST_URI}" negate="true" pattern="/ADD_PATTERM_TO_EXCLUDE_FILES_OR_FOLDERS/" ignoreCase="true" />
  		</conditions>
  		<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
			</rule>

			</rules>
		</rewrite>

</system.webServer>
</configuration>

browserCaching 


# Enables browser caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 2 days"
</IfModule>

customErrorPages

# Sets up custom error pages for 4xx and 5xx errors
ErrorDocument 403 /custom-403.html
ErrorDocument 404 /custom-404.html

forceHTTPS

RewriteEngine On
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

preventAccessToConfigFiles

# Denies access to all .htaccess files
< Files ~ "^.*\.([Hh][Tt][Aa])" >
Order Allow,Deny
Deny from all
Satisfy all
< /Files >

urlRewrite

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]

Well, this article will be introduced here, and friends who need it can learn 1.

Related articles: