htaccess That FREAKIN Works!
- YSlow grade is horrible
- Site speed is slow
- Brute force attacks
I increased my ySlow grade from D to B and 16% points with this .htaccess file that is based on several sources (links listed after the jump).
Nicholas K. Dionysopoulos from Akeeba Backup, Radek Suski from SigSiu.net and many other contributors have been working on a Master htaccess file for many years that you can find it at docs.joomla.org I have attempted to use this several times in the past with mixed results. All servers are not created equal and some of the settings in this file can break your site (temporarily). The version I offer you here works on most hosts. You will have to make modifications to the sample to reflect your own personal needs.
RULE #1: If you do not know what most of this means do not start screwing around on your live site. Hire a professional.
- As a general statement, you may do a find and replace to change example.com to your URL.
- Read the comments in the file. Yes, ALL OF THEM!
- Do a before and after test at GTMetrix
- If you are testing this in a subfolder remember to uncomment RewriteBase /
- And for Pete's sake, remember to change your htaccess.txt to .htaccess
- Finally, this is a blog post and not an offer for free tech support. Use this information at your own risk.
This file is fairly comprehensive and covers the standard items in the core Joomla htaccess.txt file PLUS:
- ETag Optimization
- Automatic compression of resources
- bad user agent or IP blocking code
- common exploits
- File injection protection
- Basic antispam Filter
- visual fingerprinting of Joomla! sites
- Advanced server protection rules exceptions
- Advanced server protection - paths and files
- Back-end protection
- Disallow front-end access for certain Joomla! system directories
- Google Apps redirection
- Custom redirects
- Redirect non-www to www (a must for good SEO)
- Optimal default expiration time
- Block mySQL injects
- Block site scrapers