forked from Ortus-Solutions/ContentBox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess
57 lines (48 loc) · 2.33 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
RewriteEngine on
#RepeatLimit 0
#SQL Injection Protection --Read More www.cybercrime.gov
#Please uncomment to use these rules if below words does not conflict with your friendly-urls. You may modify accordingly.
#RewriteRule ^.*EXEC\(@.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*CAST\(.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*DECLARE.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*DECLARE%20.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*NVARCHAR.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*sp_password.*$ /includes/templates/404.html [L,F,NC]
#RewriteRule ^.*%20xp_.*$ /includes/templates/404.html [L,F,NC]
# BLOCK unsupported HTTP methods
#RewriteCond %{REQUEST_METHOD} !^(GET|HEAD|OPTIONS|POST|PROPFIND|TRACE)$
#RewriteRule .* - [F]
#You may also want to block proxy attempts, if you see those in your logs:
# BLOCK attempts to use our server as a proxy, but allow absolute URIs (change example.com to your domain)
#RewriteCond %{THE_REQUEST} ^(GET|HEAD|POST)./?http:// [NC]
#RewriteCond %{THE_REQUEST} !^(GET|HEAD|POST)./?http://(www\.)?example\.com/
#RewriteRule .* - [F]
#if this call related to adminstrators or non rewrite folders, you can add more here.
RewriteCond %{REQUEST_URI} ^/(.*(CFIDE|cfide|CFFormGateway|jrunscripts|railo-context|mapping-tag|fckeditor)).*$
RewriteRule ^(.*)$ - [NC,L]
#dealing with flash / flex communication
RewriteCond %{REQUEST_URI} ^/(.*(flashservices|flex2gateway|flex-remoting)).*$
RewriteRule ^(.*)$ - [NC,L]
#font awesome
AddType application/vnd.ms-fontobject .eot
AddType font/ttf .ttf
AddType font/otf .otf
AddType font/woff .woff
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
# Media Types
RewriteCond %{REQUEST_URI} /__media\/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.cfm/%{REQUEST_URI} [QSA,L,NS]
#Images, css, javascript and docs, add your own extensions if needed.
RewriteCond %{REQUEST_URI} \.(bmp|gif|jpe?g|png|css|js|txt|xls|ico|swf)$
RewriteRule ^(.*)$ - [NC,L]
#The ColdBox index.cfm/{path_info} rules.
RewriteRule ^$ index.cfm [QSA,NS]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.cfm/%{REQUEST_URI} [QSA,L,NS]