logo

【Forum】Improve Performance, Stability and Security of Joomla 3.5 with htaccess ~ FusoElektronique

Community and Web Radio of Electronic Music, Art, Culture, Design, DIY, Events, Free Productions, Politics, Technology.

FusoElektronique ~ Forum

file Improve Performance, Stability and Security of Joomla 3.5 with htaccess

01 Apr 2016 16:07 - 07 Apr 2016 20:28 #1 by Trony
Trony created the topic: Improve Performance, Stability and Security of Joomla 3.5 with htaccess


With a small change to the default Joomla's htaccess, with can improve Performance, Stability and Security of the CMS.

Ingredients

1) Server / Hosting based on Linux with Apache >2.0

2) In Global Configuration:
Search Engine Friendly URLs and Use URL Rewriting ► YES

3) Rename htaccess.txt in .htaccess

4) At the end of .htaccess, put this:
## GENERAL
#################################################################################
ServerSignature Off
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{THE_REQUEST} (\\r|\\n|%0A|%0D) [NC,OR]
#################################################################################


## ETAG
#################################################################################
Header unset ETag
FileETag None
#################################################################################


## COMPRESSION
#################################################################################
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
<IfModule mod_setenvif.c>
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|pdf|ico|svg)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:avi|mov|mp3|mp4|rm|flv|swf|mp?g)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.mp3$ no-gzip dont-vary
</IfModule>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
</IfModule>

<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist
# and the client accepts gzip.
RewriteCond "%{HTTP:Accept-encoding}" "gzip"
RewriteCond "%{REQUEST_FILENAME}\.gz" -s
RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA]

# Serve gzip compressed JS files if they exist
# and the client accepts gzip.
RewriteCond "%{HTTP:Accept-encoding}" "gzip"
RewriteCond "%{REQUEST_FILENAME}\.gz" -s
RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA]


# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1]
RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]


<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header append Content-Encoding gzip

# Force proxies to cache gzipped &
# non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
#################################################################################


## EXPIRES CACHING
#################################################################################
<IfModule mod_expires.c>

ExpiresActive on

# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
ExpiresByType text/cache-manifest "access plus 0 seconds"

# Data
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"

# Feed
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"

# Favicon (cannot be renamed)
AddType image/x-icon .ico
ExpiresByType image/x-icon "access plus 1 year"

# Media: images, video, audio
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"

# HTC files (css3pie)
ExpiresByType text/x-component "access plus 1 month"

# Webfonts
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"

# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"

</IfModule>
#################################################################################


## HEADER
#################################################################################
<IfModule mod_headers.c>
RequestHeader unset Range
Header set Timing-Allow-Origin: "*"
Header set X-Content-Type-Options "nosniff"

<FilesMatch "\.(js|css|xml|gz)$">
Header append Vary: Accept-Encoding
</FilesMatch>


## UNSET COOKIES
################################################
<FilesMatch "\.(js|css|jpg|png|jpeg|gif|xml|json|txt|pdf|mov|avi|otf|woff|ico|swf)$">
RequestHeader unset Cookie
Header unset Cookie
Header unset Set-Cookie
</FilesMatch>
################################################


## COMPATIBILITY
################################################
Header set X-UA-Compatible "IE=edge"
<FilesMatch "(?i)^.*\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
################################################


## SECURITY
################################################
Header set X-XSS-Protection "1; mode=block"
<FilesMatch "(?i)^.*\.(appcache|crx|css|cur|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$">
Header unset X-XSS-Protection
</FilesMatch>
################################################

</IfModule>
#################################################################################


## CROSS-ORIGIN
#################################################################################
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
<FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
</IfModule>

<IfModule mod_headers.c>
<FilesMatch "\.(eot|otf|tt[cf]|woff2?)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
#################################################################################


## JOOMLA & SYSTEM CONFIG
###############################################
php_flag register_globals Off
php_flag magic_quotes On
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag magic_quotes_sybase Off
php_flag display_errors off
php_value default_charset "utf-8"

### disable caching for development/debugging purposes
#Header unset Cache-Control
#Header set Cache-Control: "no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"
#Header unset ETag
#Header set Pragma "no-cache"
#Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"

Now you can check Header and Performance with these Online Free Tools:

° RedBot
° PageSpeed Insights by Google
° Webpagetest
° GTmetrix
Music and Electronic Devices Designer. Drum and Bass Addict. Creative Mind as Lifestyle. Cat in past Life. Soccer, Ice Hockey and Snowboard Lover. Marxist.
Sono Il Re sul Carro Danzante. Attraversando La Città Getto Via I Coriandoli Della Vostra Tristezza Regalando Passione Ed Estasi Nei Vostri Occhi.
Follow Trony on: FusoElektronique | Facebook | Twitter | Google+ | Soundcloud
Last Edit: 07 Apr 2016 20:28 by Trony.

Please Log in or Create an account to join the conversation.

Web Hosting

Please. Leave a Vote at this Topic.

Moderators: Trony
【Forum】Improve Performance, Stability and Security of Joomla 3.5 with htaccess ~ FusoElektronique Page 1 | Improve Performance, Stability and Security of Joomla 3.5 with htaccess. Published by Trony on Friday, 01 April 2016 in Computers - WebMastering - Consolle (Design's Factory)
0

Related topics


Topic subjectDate of latest post
01 Apr 2016
Time to create page: 0.304 seconds

Come and Follow Us

Do You Love Electronic Music ?!?

Do You like Technology and Design ?!?

Are You a Dj / Producer / PR and more... ?!?

Do You Want Promote Yourself for FREE ?!?

Join in the our Community... Register !!!

If You have an Account, Login and Share with Us your Electronic's Culture

FusoElektronique ~ Pure Electronic Music FusoElektronique
FusoElektronique ~ Pure Electronic Music