Page 1 of 2
what is the best file .htaccess for opencart 2.3.0.2
Posted: Mon Feb 13, 2017 2:20 am
by said2017
Hello
what is the best file .htaccess for opencart 2.3.0.2
Code: Select all
# Rabbit Rabbit Security Upgrade, enhanced by Ernie 04/10/2016
Options +SymLinksIfOwnerMatch
# Prevent Directory listing
Options -Indexes
# Prevent Direct Access to files
<FilesMatch "\.(tpl|ini|log)">
Order deny,allow
Deny from all
</FilesMatch>
# disable etags
FileETag none
# SEO URL Settings
RewriteEngine On
RewriteBase /shop/
RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteRule ^download/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
# Enable Gzip Compression
AddOutputFilterByType DEFLATE text/text
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
# Remove Browser Bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
<IfModule mod_deflate.c>
<FilesMatch "\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
# cache gif, jpg, and png files for one week
<FilesMatch ".(gif|jpg|png)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
# Leverage Browser Caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 week"
ExpiresByType image/jpeg "access plus 1 week"
ExpiresByType image/gif "access plus 1 week"
ExpiresByType image/png "access plus 1 week"
ExpiresByType text/css "access plus 1 week"
ExpiresByType application/pdf "access plus 1 week"
ExpiresByType text/x-javascript "access plus 1 week"
ExpiresByType application/x-shockwave-flash "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
ExpiresDefault "access plus 1 week"
</IfModule>
2......
Code: Select all
<FilesMatch "(?i)((\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Order deny,allow
Deny from all
</FilesMatch>
RewriteEngine On
RewriteBase /
RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteRule ^system/download/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css) [NC]
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
ExpiresActive On
ExpiresDefault A0
<FilesMatch "\.(gif|jpg|jpeg|png|GIF|JPG|JPEG|PNG)$">
ExpiresDefault A2592000
Header append Cache-Control "public"
</FilesMatch>
<FilesMatch "\.(less|js|css|gz)$">
ExpiresDefault A2592000
Header append Cache-Control "proxy-revalidate"
</FilesMatch>
<FilesMatch "\.(php)$">
ExpiresActive Off
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
</FilesMatch>
<IfModule mod_headers.c>
<FilesMatch "\.(less|js|css|xml|gz)$">
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
# compress text, HTML, JavaScript, CSS, and XML
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE font/woff .woff
AddOutputFilterByType DEFLATE application/x-font-woff
AddOutputFilterByType DEFLATE application/font-woff
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font-otf
# remove browser bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Order allow,deny
Allow from all
3...
Code: Select all
# 1.To use URL Alias you need to be running apache with mod_rewrite enabled.
# 2. In your opencart directory rename htaccess.txt to .htaccess.
# For any support issues please visit: http://www.opencart.com
Options +FollowSymlinks
# Prevent Directoy listing
Options -Indexes
# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>
# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder make sure you folder it does run in ie. / becomes /shop/
RewriteBase /
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
### Additional Settings that may need to be enabled for some servers
### Uncomment the commands by removing the # sign in front of it.
### If you get an "Internal Server Error 500" after enabling any of the following settings, restore the # as this means your host doesn't allow that.
# 1. If your cart only allows you to add one item at a time, it is possible register_globals is on. This may work to disable it:
# php_flag register_globals off
# 2. If your cart has magic quotes enabled, This may work to disable it:
# php_flag magic_quotes_gpc Off
# 3. Set max upload file size. Most hosts will limit this and not allow it to be overridden but you can try
# php_value upload_max_filesize 999M
# 4. set max post size. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value post_max_size 999M
# 5. set max time script can take. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_execution_time 200
# 6. set max time for input to be recieved. Uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
# php_value max_input_time 200
# 7. disable open_basedir limitations
# php_admin_value open_basedir none
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Mon Feb 13, 2017 3:17 am
by IP_CAM
try this, it's my last Version !
Ernie
UPDATED AFTER COMMENTS BELOW
Code: Select all
# Rabbit Rabbit Security Upgrade, enhanced by Ernie 02/12/2017
<Files .htaccess>
order allow,deny
deny from all
</Files>
LimitRequestBody 750000
Options +SymLinksIfOwnerMatch
# Prevent Directory listing
Options -Indexes
# Deny IP Access to Site
<Files *>
order allow,deny
allow from all
#deny from 46.229.
#deny from 63.243.
#deny from 163.172.
#deny from 180.76.
</Files>
# Prevent Direct Access to files
<FilesMatch "(?i)((^\.|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Order deny,allow
Deny from all
</FilesMatch>
# disable etags
FileETag none
# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder,
# make sure you folder it does run in ie. / becomes /shop/
RewriteBase /shop/
# Force (http host) non www to www
#RewriteCond %{HTTP_HOST} !^www\.
#RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteRule ^download/(.*) /index.php?route=error/not_found [L]
RewriteRule ^system/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
# Enable Gzip Compression
AddOutputFilterByType DEFLATE text/text
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
# Leverage Browser Caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 1 month"
</IfModule>
# Remove Browser Bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Mon Feb 13, 2017 9:10 pm
by paulfeakins
Just briefly, what are the benefits of the above?
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Mon Feb 13, 2017 10:08 pm
by IP_CAM
Well, it helps me, to get a 99 percent Category Page performance rating on GTMETRIX,
among other things, like keeping Sneakers, from beeing able to access/download some
paid xxx.xml files from other Servers System Section, by example...
Ernie
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Feb 14, 2017 3:13 am
by artcore
Just so that people don't copy this verbatim in their own htaccess
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
That section is highly *not* recommended as it turns off mod_security
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Feb 14, 2017 4:55 am
by uksitebuilder
That .xml block is not good
Blocks access to sitemap.xml, googlebase.xml plus any other xml producing extensions.
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Feb 14, 2017 5:56 am
by IP_CAM
That .xml block is not good
@uksitebuilder:
<FilesMatch "(?i)((^\.|\.xml|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))">
if you mean this one, it may be so, but one could easy place Google/Sitemap.xml files outside of the
SHOP Directory itself, then, they work. I just added the
.xml filter to this routine, to prevent anyone
from checking my xxx.xml test files in the system directory, after testing the integrated VqMod...
---
@artcore:
No idea, where i've got this, possibly, this was part of the Rabbit-Rabbit Mod. But I am not familiar
with mod_security so far, so, I have to read the books about it, whenever and before it all get's real!
---
But it's great, that you check on it, it will only help others!
The File above has been modified accordingly.
Ernie
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Wed Feb 15, 2017 7:51 pm
by stef83136
Hi. How to use a special address static.yourdomain.com (for images and a CDN for example) if using:
Code: Select all
# Force (http host) non www to www
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
So far I used the following lines, which allowed me to use
static@yourdomain.com for images, but with your redirection it turns into
www.static.yourdomain.com :
Code: Select all
RewriteCond %{HTTP_HOST} ^aquamagasin.com$
RewriteRule ^(.*) http://www.aquamagasin.com/$1 [QSA,L,R=301]
RewriteRule ^index\.php$ http://www.aquamagasin.com/? [L,R=301]
an idea ? Thanks.
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Thu Feb 16, 2017 7:36 am
by stef83136
Hi, you're \.txt block robots.txt
# Prevent Direct Access to files
<FilesMatch "(?i)((^\.|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Order deny,allow
Deny from all
</FilesMatch>
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Wed Dec 12, 2018 4:24 pm
by stavrosa
<FilesMatch robots\.txt>
Allow from all
</FilesMatch>
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Mar 05, 2019 3:36 am
by mRC
IP_CAM wrote: ↑Mon Feb 13, 2017 3:17 am
try this, it's my last Version !
Ernie
UPDATED AFTER COMMENTS BELOW
Code: Select all
# Rabbit Rabbit Security Upgrade, enhanced by Ernie 02/12/2017
<Files .htaccess>
order allow,deny
deny from all
</Files>
LimitRequestBody 750000
Options +SymLinksIfOwnerMatch
# Prevent Directory listing
Options -Indexes
# Deny IP Access to Site
<Files *>
order allow,deny
allow from all
#deny from 46.229.
#deny from 63.243.
#deny from 163.172.
#deny from 180.76.
</Files>
# Prevent Direct Access to files
<FilesMatch "(?i)((^\.|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Order deny,allow
Deny from all
</FilesMatch>
# disable etags
FileETag none
# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder,
# make sure you folder it does run in ie. / becomes /shop/
RewriteBase /shop/
# Force (http host) non www to www
#RewriteCond %{HTTP_HOST} !^www\.
#RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
RewriteRule ^download/(.*) /index.php?route=error/not_found [L]
RewriteRule ^system/(.*) /index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
# Enable Gzip Compression
AddOutputFilterByType DEFLATE text/text
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
# Leverage Browser Caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 1 month"
</IfModule>
# Remove Browser Bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
Hi Ernie
Sorry to ask but is this your latest version.
thanks very much
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Mar 05, 2019 4:24 am
by mRC
Also should this be added like below
# Enable Gzip Compression
<IfModule mod_deflate.c>
Thanks
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Mar 05, 2019 1:45 pm
by IP_CAM
mRC wrote: ↑Tue Mar 05, 2019 3:36 am
Hi Ernie, Sorry to ask but is this your latest version. thanks very much
Well, it's some time since I published that Code, but this one (removed!)
here is my latest Edition, I just made some tests, to show the difference
between using this file, compared to not using a .htaccess file at all.
It's not representative for a Stock OC, since I use other 'Goodies' as
well, to speed up Performance in multiple places, like 'subdomain'
Image-linking, Subdomain CSS/JS Header Code Linking, plus some
Category-Cache Function. In addition to a fully indexed Database ...
And I also 'combined' multiple JS + CSS File Code into one single File,
whereever possible, to fully unleash the real Power of OC !
Good Luck!
Ernie
UPDATE: the .htaccess code sample was removed again,
because those, in need of it, have it now. Sorry for the rest ...
---
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Tue Mar 05, 2019 3:32 pm
by mRC
Hi Ernie
Thanks for the reply and the information. we have VPS server and as far as we know everything is running for GZIP but still cant get it to work.
Enable gzip compression F (0) (Enable compression)
Leverage browser caching F (1) (expiration not specified)
We have used the code supplied with a few changes to the rewrite base etc but cant get it to work.
The .htaccess is working but not for gzip and browser caching
Would you have any ideas?
also I noticed you have this following
IfModule !mod_deflate.c
does the "!" need to be in the code?
Thanks for your time
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Wed Mar 06, 2019 10:04 am
by IP_CAM
Sorry, no Idea, when it comes the Server Configurations, I'm a Tester + Refiner,
but no System Admin, and widely unfamiliar with configuring Servers. I always
work online, to make sure, that something is tested to work on the Server, after
I only once tried it the other way, to only end up in tears...
Good Luck!
Ernie
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Wed Mar 06, 2019 3:31 pm
by mRC
Ok no problem, we have found the issue and we think it was a problem with Apache. We did start off using the .htaccess to process the gzip etc but after we moved to VPS and set up cloudflare it was no longer needed.
But to be honest cloudflare was brilliant with the CDN side of it but also caused us loads of problems with things not working on the site. Not only that we have noticed a drop in site traffic over the past year.
Results as follows
Index page
PageSpeed Score(99%)
YSlow Score(81%)
Category Page
PageSpeed Score (99%)
YSlow Score (83%)
So at the moment we are no longer using cloudflare so we are very happy with the result
Thanks for your help with thisd
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Thu Aug 15, 2019 7:22 pm
by mrwell
IP_CAM wrote: ↑Tue Mar 05, 2019 1:45 pm
UPDATE: the .htaccess code sample was removed again,
because those, in need of it, have it now. Sorry for the rest ...
---
Hi,
Could you PM me with your code?
Thank you
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Thu Feb 27, 2020 7:58 pm
by oberheimer
Hello, could you pm me the code as well.
I'm having trouble with Leverage browser caching
So I haven't added that to the my shop.
Regards
Niklas
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Thu Feb 27, 2020 10:39 pm
by IP_CAM
Well, I guess, you've seen it, and a few others too, so, I removed it now again.
Ernie
Re: what is the best file .htaccess for opencart 2.3.0.2
Posted: Mon Apr 27, 2020 5:33 pm
by devpro.ro
Hello IP CAM,
Could you pm me or reattach the code as well.
I will appreciate.
Have a good day!