# ServerAdmin webmaster@localhost DocumentRoot /var/www/html/tiki/ #ErrorLog ${APACHE_LOG_DIR}/error.log #CustomLog ${APACHE_LOG_DIR}/access.log combined ErrorLog /dev/stderr TransferLog /dev/stdout SSLOptions +StdEnvVars SSLOptions +StdEnvVars Require all denied order deny,allow deny from all Require all denied order deny,allow deny from all DirectoryIndex index.php # Make sure proxies don't deliver the wrong content. Header append Vary User-Agent env=!dont-vary AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json # DEFLATE by extension. AddOutputFilter DEFLATE js css htm html xml svg FileETag none Header unset Cache-Control # Mod_headers, y u no match by Content-Type?! SetEnvIf Origin ":" IS_CORS Header set Access-Control-Allow-Origin "*" env=IS_CORS Header set Access-Control-Allow-Origin "*" ExpiresActive on ExpiresDefault "access plus 1 month" ExpiresActive on ExpiresDefault "access plus 1 month" RewriteEngine On # -- Apache Authorization Header -- # # Rewrite rules for passing authorization with Apache running in CGI or FastCGI mode RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] # -- SVN Checkout Enabled Tiki -- # # Prevents reading of SVN specific files, if your website is using this. (Development only normally) RewriteRule .*/\.svn/.* - [F,L] # -- If the URL Points to a File Then do Nothing -- # RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule (.*) - [L] # -- Tiki URL Rewriting -- # # Read more: https://dev.tiki.org/URL+Rewriting+Revamp RewriteRule .* route.php [L] Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted order deny,allow allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all #remaining files - unknown browser access Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes AuthUserFile /PATH_TO_TIKI_PERMISSIONCHECK/.htpasswd AuthName "permissioncheck prepare password protection first" AuthType Basic require valid-user Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all granted order deny,allow allow from all Require all denied order deny,allow deny from all Require all granted order deny,allow allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all granted order deny,allow allow from all ExpiresActive on ExpiresDefault "modification" Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all #the map and less files are allowed for developer deugging tools. Require all granted Allow from all Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes RewriteEngine On # -- Always Allow These File Types -- # RewriteRule "\.(jpe?g|png|ico|gif|svgz?|ttf|eot|woff2?|otf|js|css)$" "-" [PT,L] # -- Allow Access to files used by Developer Dubugging Tools -- # RewriteRule "\.(map|less|scss)$" "-" [PT,L] # -- Deny Everything Not Matched Above -- # RewriteRule "/*" "-" [F] # -- Prevent Directory Browsing -- # Options -Indexes RewriteEngine On # -- Always Allow These File Types -- # RewriteRule "\.(jpe?g|png|ico|gif|svgz?|ttf|eot|woff2?|otf|js|css)$" "-" [PT,L] # -- Allow Access to files used by Developer Dubugging Tools -- # RewriteRule "\.(map|less|scss)$" "-" [PT,L] # -- Vendor Exception List -- # # These are file types by vendor file that will bypass the default filtering # # If you are adding a new vendor that needs browser access, adding a file # type exception will be required. RewriteRule "^(vendor/player/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/fortawesome/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/jquery/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/studio-42/).*/.*\.wav$" "-" [PT,L] # -- Deny Everything Not Matched Above -- # RewriteRule "/*" "-" [F] # -- Prevent Directory Browsing -- # Options -Indexes Deny from all Deny from all #deny from all order deny,allow deny from all Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes # # ServerAdmin webmaster@localhost DocumentRoot /var/www/html/tiki/ #ErrorLog ${APACHE_LOG_DIR}/error.log #CustomLog ${APACHE_LOG_DIR}/access.log combined ErrorLog /dev/stderr TransferLog /dev/stdout SSLEngine on SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key SSLOptions +StdEnvVars SSLOptions +StdEnvVars # # Options +MultiViews # AllowOverride All # Require all granted # Require all denied order deny,allow deny from all Require all denied order deny,allow deny from all DirectoryIndex index.php # Make sure proxies don't deliver the wrong content. Header append Vary User-Agent env=!dont-vary AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json # DEFLATE by extension. AddOutputFilter DEFLATE js css htm html xml svg FileETag none Header unset Cache-Control # Mod_headers, y u no match by Content-Type?! SetEnvIf Origin ":" IS_CORS Header set Access-Control-Allow-Origin "*" env=IS_CORS Header set Access-Control-Allow-Origin "*" ExpiresActive on ExpiresDefault "access plus 1 month" ExpiresActive on ExpiresDefault "access plus 1 month" RewriteEngine On # -- Apache Authorization Header -- # # Rewrite rules for passing authorization with Apache running in CGI or FastCGI mode RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] # -- SVN Checkout Enabled Tiki -- # # Prevents reading of SVN specific files, if your website is using this. (Development only normally) RewriteRule .*/\.svn/.* - [F,L] # -- If the URL Points to a File Then do Nothing -- # RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule (.*) - [L] # -- Tiki URL Rewriting -- # # Read more: https://dev.tiki.org/URL+Rewriting+Revamp RewriteRule .* route.php [L] Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted order deny,allow allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all #remaining files - unknown browser access Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes AuthUserFile /PATH_TO_TIKI_PERMISSIONCHECK/.htpasswd AuthName "permissioncheck prepare password protection first" AuthType Basic require valid-user Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all granted order deny,allow allow from all Require all denied order deny,allow deny from all Require all granted order deny,allow allow from all # -- Prevent Directory Browsing -- # Options -Indexes Require all granted order deny,allow allow from all ExpiresActive on ExpiresDefault "modification" Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes Require all denied order deny,allow deny from all #the map and less files are allowed for developer deugging tools. Require all granted Allow from all Require all denied order deny,allow deny from all # -- Prevent Directory Browsing -- # Options -Indexes RewriteEngine On # -- Always Allow These File Types -- # RewriteRule "\.(jpe?g|png|ico|gif|svgz?|ttf|eot|woff2?|otf|js|css)$" "-" [PT,L] # -- Allow Access to files used by Developer Dubugging Tools -- # RewriteRule "\.(map|less|scss)$" "-" [PT,L] # -- Deny Everything Not Matched Above -- # RewriteRule "/*" "-" [F] # -- Prevent Directory Browsing -- # Options -Indexes RewriteEngine On # -- Always Allow These File Types -- # RewriteRule "\.(jpe?g|png|ico|gif|svgz?|ttf|eot|woff2?|otf|js|css)$" "-" [PT,L] # -- Allow Access to files used by Developer Dubugging Tools -- # RewriteRule "\.(map|less|scss)$" "-" [PT,L] # -- Vendor Exception List -- # # These are file types by vendor file that will bypass the default filtering # # If you are adding a new vendor that needs browser access, adding a file # type exception will be required. RewriteRule "^(vendor/player/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/fortawesome/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/jquery/).*/.*\.swf$" "-" [PT,L] RewriteRule "^(vendor/studio-42/).*/.*\.wav$" "-" [PT,L] # -- Deny Everything Not Matched Above -- # RewriteRule "/*" "-" [F] # -- Prevent Directory Browsing -- # Options -Indexes Deny from all Deny from all #deny from all order deny,allow deny from all Require all denied order deny,allow deny from all Require all granted Allow from all # -- Prevent Directory Browsing -- # Options -Indexes #