83 lines
2.2 KiB
ApacheConf
83 lines
2.2 KiB
ApacheConf
# Apache配置文件
|
|
# 用于URL重写和安全设置
|
|
|
|
# 启用重写引擎
|
|
RewriteEngine On
|
|
|
|
# URL重写规则
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^(.*)$ index.php [QSA,L]
|
|
|
|
# 安全设置 - 禁止访问敏感目录
|
|
<Files "config/*">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
<Files "includes/*">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
<Files "data/*">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
# 禁止访问敏感文件
|
|
<FilesMatch "\.(sql|log|md|txt|conf)$">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# 禁止访问隐藏文件
|
|
<FilesMatch "^\.*">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# 禁止访问安装文件(安装完成后)
|
|
<Files "install.php">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
# 设置默认字符集
|
|
AddDefaultCharset UTF-8
|
|
|
|
# 启用GZIP压缩
|
|
<IfModule mod_deflate.c>
|
|
AddOutputFilterByType DEFLATE text/plain
|
|
AddOutputFilterByType DEFLATE text/html
|
|
AddOutputFilterByType DEFLATE text/xml
|
|
AddOutputFilterByType DEFLATE text/css
|
|
AddOutputFilterByType DEFLATE application/xml
|
|
AddOutputFilterByType DEFLATE application/xhtml+xml
|
|
AddOutputFilterByType DEFLATE application/rss+xml
|
|
AddOutputFilterByType DEFLATE application/javascript
|
|
AddOutputFilterByType DEFLATE application/x-javascript
|
|
</IfModule>
|
|
|
|
# 设置缓存策略
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresByType text/css "access plus 1 month"
|
|
ExpiresByType application/javascript "access plus 1 month"
|
|
ExpiresByType image/png "access plus 1 month"
|
|
ExpiresByType image/jpg "access plus 1 month"
|
|
ExpiresByType image/jpeg "access plus 1 month"
|
|
ExpiresByType image/gif "access plus 1 month"
|
|
ExpiresByType image/ico "access plus 1 month"
|
|
ExpiresByType image/icon "access plus 1 month"
|
|
ExpiresByType text/plain "access plus 1 month"
|
|
ExpiresByType application/pdf "access plus 1 month"
|
|
</IfModule>
|
|
|
|
# 安全头设置
|
|
<IfModule mod_headers.c>
|
|
Header always set X-Content-Type-Options nosniff
|
|
Header always set X-Frame-Options DENY
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set Referrer-Policy "strict-origin-when-cross-origin"
|
|
</IfModule> |