htaccess.txt

##
# @version     $Id: htaccess.txt 3024 2011-10-09 01:44:30Z johanjanssens $
# @category    Nooku
# @package     Nooku_Server
# @copyright   Copyright (C) 2011 - 2012 Timble CVBA and Contributors. (http://www.timble.net).
# @license     GNU GPLv3 <http://www.gnu.org/licenses/gpl.html>
# @link        http://www.nooku.org
##

#####################################################
#  READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

##  Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#  Use mod_rewrite
RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files

RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update Your Joomla! Directory (just / for root)

#RewriteBase /

########## Begin - Rewrite conditions
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.json|\.feed|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Rewrite conditions

########## Begin - Optimal default expiration time
## Note: You need to enable the "System - Expire" plugin for this to work optimally
## Based on: http://akeeba.assembla.com/code/master-htaccess/git/nodes/htaccess.txt 
<IfModule mod_expires.c>
    # Uncomment following line if you want to enable expires
    #ExpiresActive On
    
    ExpiresByType text/css "now plus 1 year"
    ExpiresByType application/javascript "now plus 1 year"
    ExpiresByType application/x-javascript "now plus 1 year"
    
    ExpiresByType image/bmp "now plus 1 year"
    ExpiresByType image/gif "now plus 1 year"
    ExpiresByType image/jpeg "now plus 1 year"
    ExpiresByType image/png "now plus 1 year"
    ExpiresByType image/svg+xml "now plus 1 year"
    ExpiresByType image/vnd.microsoft.icon "now plus 1 year"
    ExpiresByType image/x-icon "now plus 1 year"
    ExpiresByType image/ico "now plus 1 year"
    ExpiresByType image/icon "now plus 1 year"
    ExpiresByType text/ico "now plus 1 year"
    ExpiresByType application/ico "now plus 1 year"
</IfModule>

<IfModule mod_headers.c>
    Header unset ETag
	FileETag None
</IfModule>
########## End - Optimal expiration time