Post by scottyboyyy » Tue Apr 12, 2022 5:04 pm

How comes this file is missing in the latest Opencart versions?

Does adding it cause caching issues?

Active Member

Posts

Joined
Fri Apr 07, 2017 2:36 am

Post by IP_CAM » Tue Apr 12, 2022 5:27 pm

Does adding it cause caching issues?

In contrary, a well-done .htaccess File will, at best, improve Performance. Get one from an older OC Version, to at least have one on board.

My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by ADD Creative » Tue Apr 12, 2022 6:03 pm

Where are you downloading OpenCart from? There is a ".htaccess.txt" in all versions I've seen.

www.add-creative.co.uk


Guru Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by paulfeakins » Tue Apr 12, 2022 6:58 pm

scottyboyyy wrote:
Tue Apr 12, 2022 5:04 pm
How comes this file is missing in the latest Opencart versions?
Have you got your file browser set not to show hidden files?

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Legendary Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by JNeuhoff » Tue Apr 12, 2022 7:39 pm

A standard OC 3.0.3.8 includes an '.htaccess.txt' file. Rename the latter to '.htaccess', and then edit the file, especially for the 'RewriteBase'.

Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig


User avatar
Guru Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by straightlight » Tue Apr 12, 2022 8:17 pm

Also ensure that the Use SSL is enabled from your OC admin > systems > settings > edit settings > server tab.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by parkookk » Fri May 19, 2023 11:51 pm

Hi,
After using OC3031 for many years successfully I have just installed a fresh OC3038 and transfered all my old data to new one.
Do I still need all of these settings in my htaccess?

RewriteOptions inherit


Options +FollowSymlinks
RewriteEngine On

# Prevent Directory listing
Options -Indexes

# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|.twig|\.ini|\.log|(?<!robots)\.txt))">
Require all denied

</FilesMatch>

# SEO URL Settings
RewriteEngine On

# If your opencart installation does not run on the main web folder: "RewriteBase /" becomes "RewriteBase /ShopName/"

RewriteBase /
RewriteCond %{SERVER_PORT} xx
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

#For Leverage browser caching,
<IfModule mod_expires.c>
ExpiresActive On

# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"

# Video
ExpiresByType video/mp4 "access plus 1 year"

# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"

# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>


### X-Security Headers ###

# X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header

<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

#force https:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#ENABLING HSTS:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

#Force www:
RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]


# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
php_value default_charset "UTF-8;"
php_value memory_limit 512M
php_value max_execution_time 60
php_value upload_max_filesize 512M
php_value mysql.connect_timeout 20
php_flag session.auto_start Off
php_flag session.use_only_cookies On
php_flag session.use_cookies On
php_flag session.use_trans_sid Off
php_value session.cookie_httponly "On;"
php_value session.gc_maxlifetime 1440
php_flag display_errors Off
php_value error_reporting E_ALL & ~E_NOTICE
php_value max_input_time 90
php_value max_input_vars 1000
php_value post_max_size 512M
php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
php_flag zlib.output_compression On
</IfModule>
<IfModule lsapi_module>
php_value default_charset "UTF-8;"
php_value memory_limit 512M
php_value max_execution_time 60
php_value upload_max_filesize 512M
php_value mysql.connect_timeout 20
php_flag session.auto_start Off
php_flag session.use_only_cookies On
php_flag session.use_cookies On
php_flag session.use_trans_sid Off
php_value session.cookie_httponly "On;"
php_value session.gc_maxlifetime 1440
php_flag display_errors Off
php_value error_reporting E_ALL & ~E_NOTICE
php_value max_input_time 90
php_value max_input_vars 1000
php_value post_max_size 512M
php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
php_flag zlib.output_compression On
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)


User avatar
Active Member

Posts

Joined
Thu Jan 17, 2013 11:56 pm
Location - london

Post by andrey eftimov » Sat May 20, 2023 7:33 am

parkookk wrote:
Fri May 19, 2023 11:51 pm
Hi,
After using OC3031 for many years successfully I have just installed a fresh OC3038 and transfered all my old data to new one.
Do I still need all of these settings in my htaccess?

RewriteOptions inherit.....
yes, you still need these rules. Besides the rules for OpenCart core, there are also rules for hosting - php parameters

eWeb Ltd.
OpenCart & поддръжка на сайт


User avatar

Posts

Joined
Tue Nov 10, 2020 5:45 am
Location - Bulgaria

Post by by mona » Sat May 20, 2023 6:45 pm

Comments marked by ####COMMENT

Code: Select all

RewriteBase /

####COMMENT this makes no sense
RewriteCond %{SERVER_PORT} xx

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]

RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L]

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

#For Leverage browser caching,
<IfModule mod_expires.c>
ExpiresActive On

####COMMENT add default no caching before the more specific definitions
ExpiresDefault A0

# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"

# Video
ExpiresByType video/mp4 "access plus 1 year"

# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"

# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>


### X-Security Headers ###

# X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header

<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

#force https:
####COMMENT suggest you put this at the very top
RewriteEngine On
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTPS} off
####COMMENT never use HTTP_HOST for redirects unless you have multiple hosts and you are sure it contains one of YOUR hosts, use the same rule you have for non-www to www below instead
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#ENABLING HSTS:
####COMMENT you already set this above, differently
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

#Force www:
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]

DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.


https://www.youtube.com/watch?v=zXIxDoCRc84


User avatar
Expert Member

Posts

Joined
Mon Jun 10, 2019 9:31 am

Post by parkookk » Tue May 06, 2025 4:43 pm

by mona wrote:
Sat May 20, 2023 6:45 pm
Comments marked by ####COMMENT

Code: Select all

RewriteBase /

####COMMENT this makes no sense
RewriteCond %{SERVER_PORT} xx

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]

RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L]

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)

####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]

#For Leverage browser caching,
<IfModule mod_expires.c>
ExpiresActive On

####COMMENT add default no caching before the more specific definitions
ExpiresDefault A0

# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"

# Video
ExpiresByType video/mp4 "access plus 1 year"

# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"

# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>


### X-Security Headers ###

# X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header

<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

#force https:
####COMMENT suggest you put this at the very top
RewriteEngine On
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTPS} off
####COMMENT never use HTTP_HOST for redirects unless you have multiple hosts and you are sure it contains one of YOUR hosts, use the same rule you have for non-www to www below instead
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#ENABLING HSTS:
####COMMENT you already set this above, differently
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

#Force www:
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]
Thanks by Mona, great advice. :)

I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)


User avatar
Active Member

Posts

Joined
Thu Jan 17, 2013 11:56 pm
Location - london

Post by khnaz35 » Wed May 07, 2025 2:55 am


Got an urgent question that’s keeping you up at night? There might just be a magical inbox ready to help: khnaz35@gmail.com
Enjoy nature ;) :) :-*


User avatar
Active Member

Posts

Joined
Mon Aug 27, 2018 11:30 pm
Location - Malaysia
Who is online

Users browsing this forum: Majestic-12 [Bot] and 25 guests