tougao/.htaccess

# Apache配置文件
# 用于URL重写和安全设置

# 启用重写引擎
RewriteEngine On

# URL重写规则
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# 安全设置 - 禁止访问敏感目录
<Files "config/*">
    Order Allow,Deny
    Deny from all
</Files>

<Files "includes/*">
    Order Allow,Deny
    Deny from all
</Files>

<Files "data/*">
    Order Allow,Deny
    Deny from all
</Files>

# 禁止访问敏感文件
<FilesMatch "\.(sql|log|md|txt|conf)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# 禁止访问隐藏文件
<FilesMatch "^\.*">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# 禁止访问安装文件（安装完成后）
<Files "install.php">
    Order Allow,Deny
    Deny from all
</Files>

# 设置默认字符集
AddDefaultCharset UTF-8

# 启用GZIP压缩
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>

# 设置缓存策略
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/ico "access plus 1 month"
    ExpiresByType image/icon "access plus 1 month"
    ExpiresByType text/plain "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
</IfModule>

# 安全头设置
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options nosniff
    Header always set X-Frame-Options DENY
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
first commit 2025-05-26 15:23:18 +08:00			`# Apache配置文件`
			`# 用于URL重写和安全设置`

			`# 启用重写引擎`
			`RewriteEngine On`

			`# URL重写规则`
			`RewriteCond %{REQUEST_FILENAME} !-f`
			`RewriteCond %{REQUEST_FILENAME} !-d`
			`RewriteRule ^(.*)$ index.php [QSA,L]`

			`# 安全设置 - 禁止访问敏感目录`
			`<Files "config/*">`
			`Order Allow,Deny`
			`Deny from all`
			`</Files>`

			`<Files "includes/*">`
			`Order Allow,Deny`
			`Deny from all`
			`</Files>`

			`<Files "data/*">`
			`Order Allow,Deny`
			`Deny from all`
			`</Files>`

			`# 禁止访问敏感文件`
			`<FilesMatch "\.(sql\|log\|md\|txt\|conf)$">`
			`Order Allow,Deny`
			`Deny from all`
			`</FilesMatch>`

			`# 禁止访问隐藏文件`
			`<FilesMatch "^\.*">`
			`Order Allow,Deny`
			`Deny from all`
			`</FilesMatch>`

			`# 禁止访问安装文件（安装完成后）`
			`<Files "install.php">`
			`Order Allow,Deny`
			`Deny from all`
			`</Files>`

			`# 设置默认字符集`
			`AddDefaultCharset UTF-8`

			`# 启用GZIP压缩`
			`<IfModule mod_deflate.c>`
			`AddOutputFilterByType DEFLATE text/plain`
			`AddOutputFilterByType DEFLATE text/html`
			`AddOutputFilterByType DEFLATE text/xml`
			`AddOutputFilterByType DEFLATE text/css`
			`AddOutputFilterByType DEFLATE application/xml`
			`AddOutputFilterByType DEFLATE application/xhtml+xml`
			`AddOutputFilterByType DEFLATE application/rss+xml`
			`AddOutputFilterByType DEFLATE application/javascript`
			`AddOutputFilterByType DEFLATE application/x-javascript`
			`</IfModule>`

			`# 设置缓存策略`
			`<IfModule mod_expires.c>`
			`ExpiresActive On`
			`ExpiresByType text/css "access plus 1 month"`
			`ExpiresByType application/javascript "access plus 1 month"`
			`ExpiresByType image/png "access plus 1 month"`
			`ExpiresByType image/jpg "access plus 1 month"`
			`ExpiresByType image/jpeg "access plus 1 month"`
			`ExpiresByType image/gif "access plus 1 month"`
			`ExpiresByType image/ico "access plus 1 month"`
			`ExpiresByType image/icon "access plus 1 month"`
			`ExpiresByType text/plain "access plus 1 month"`
			`ExpiresByType application/pdf "access plus 1 month"`
			`</IfModule>`

			`# 安全头设置`
			`<IfModule mod_headers.c>`
			`Header always set X-Content-Type-Options nosniff`
			`Header always set X-Frame-Options DENY`
			`Header always set X-XSS-Protection "1; mode=block"`
			`Header always set Referrer-Policy "strict-origin-when-cross-origin"`
			`</IfModule>`