Does adding it cause caching issues?
In contrary, a well-done .htaccess File will, at best, improve Performance. Get one from an older OC Version, to at least have one on board.
My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Have you got your file browser set not to show hidden files?scottyboyyy wrote: ↑Tue Apr 12, 2022 5:04 pmHow comes this file is missing in the latest Opencart versions?
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
After using OC3031 for many years successfully I have just installed a fresh OC3038 and transfered all my old data to new one.
Do I still need all of these settings in my htaccess?
RewriteOptions inherit
Options +FollowSymlinks
RewriteEngine On
# Prevent Directory listing
Options -Indexes
# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|.twig|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
</FilesMatch>
# SEO URL Settings
RewriteEngine On
# If your opencart installation does not run on the main web folder: "RewriteBase /" becomes "RewriteBase /ShopName/"
RewriteBase /
RewriteCond %{SERVER_PORT} xx
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
#For Leverage browser caching,
<IfModule mod_expires.c>
ExpiresActive On
# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
# Video
ExpiresByType video/mp4 "access plus 1 year"
# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>
### X-Security Headers ###
# X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
#force https:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#ENABLING HSTS:
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
#Force www:
RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]
# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
php_value default_charset "UTF-8;"
php_value memory_limit 512M
php_value max_execution_time 60
php_value upload_max_filesize 512M
php_value mysql.connect_timeout 20
php_flag session.auto_start Off
php_flag session.use_only_cookies On
php_flag session.use_cookies On
php_flag session.use_trans_sid Off
php_value session.cookie_httponly "On;"
php_value session.gc_maxlifetime 1440
php_flag display_errors Off
php_value error_reporting E_ALL & ~E_NOTICE
php_value max_input_time 90
php_value max_input_vars 1000
php_value post_max_size 512M
php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
php_flag zlib.output_compression On
</IfModule>
<IfModule lsapi_module>
php_value default_charset "UTF-8;"
php_value memory_limit 512M
php_value max_execution_time 60
php_value upload_max_filesize 512M
php_value mysql.connect_timeout 20
php_flag session.auto_start Off
php_flag session.use_only_cookies On
php_flag session.use_cookies On
php_flag session.use_trans_sid Off
php_value session.cookie_httponly "On;"
php_value session.gc_maxlifetime 1440
php_flag display_errors Off
php_value error_reporting E_ALL & ~E_NOTICE
php_value max_input_time 90
php_value max_input_vars 1000
php_value post_max_size 512M
php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
php_flag zlib.output_compression On
</IfModule>
# END cPanel-generated php ini directives, do not edit
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)
yes, you still need these rules. Besides the rules for OpenCart core, there are also rules for hosting - php parameters
eWeb Ltd.
OpenCart & поддръжка на сайт
Code: Select all
RewriteBase /
####COMMENT this makes no sense
RewriteCond %{SERVER_PORT} xx
####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L]
####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L]
RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L]
####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^system/download/(.*) index.php?route=error/not_found [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
####COMMENT I assume that this is inserted by your host for certification validation
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA]
#For Leverage browser caching,
<IfModule mod_expires.c>
ExpiresActive On
####COMMENT add default no caching before the more specific definitions
ExpiresDefault A0
# Images
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
# Video
ExpiresByType video/mp4 "access plus 1 year"
# CSS, JavaScript
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
# Others
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>
### X-Security Headers ###
# X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
#force https:
####COMMENT suggest you put this at the very top
RewriteEngine On
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTPS} off
####COMMENT never use HTTP_HOST for redirects unless you have multiple hosts and you are sure it contains one of YOUR hosts, use the same rule you have for non-www to www below instead
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#ENABLING HSTS:
####COMMENT you already set this above, differently
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
#Force www:
####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above
RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]
DISCLAIMER:
You should not modify core files .. if you would like to donate a cup of coffee I will write it in a modification for you.
https://www.youtube.com/watch?v=zXIxDoCRc84
Thanks by Mona, great advice.by mona wrote: ↑Sat May 20, 2023 6:45 pmComments marked by ####COMMENTCode: Select all
RewriteBase / ####COMMENT this makes no sense RewriteCond %{SERVER_PORT} xx ####COMMENT I assume that this is inserted by your host for certification validation RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^sitemap.xml$ index.php?route=extension/feed/google_sitemap [L] ####COMMENT I assume that this is inserted by your host for certification validation RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^googlebase.xml$ index.php?route=extension/feed/google_base [L] RewriteRule ^/home/xxxxx/public_html/storage/(.*) index.php?route=error/not_found [L] ####COMMENT I assume that this is inserted by your host for certification validation RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^system/download/(.*) index.php?route=error/not_found [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css) ####COMMENT I assume that this is inserted by your host for certification validation RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^([^?]*) index.php?_route_=$1 [L,QSA] #For Leverage browser caching, <IfModule mod_expires.c> ExpiresActive On ####COMMENT add default no caching before the more specific definitions ExpiresDefault A0 # Images ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" # Video ExpiresByType video/mp4 "access plus 1 year" # CSS, JavaScript ExpiresByType text/css "access plus 1 month" ExpiresByType text/javascript "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" # Others ExpiresByType application/pdf "access plus 1 month" ExpiresByType application/x-shockwave-flash "access plus 1 month" </IfModule> ### X-Security Headers ### # X-XSS-Protection & X-Frame-Options & X-Content-Type nosniff & Strict-Transport-Security security header <IfModule mod_headers.c> Header set X-XSS-Protection "1; mode=block" Header always append X-Frame-Options SAMEORIGIN Header set X-Content-Type-Options nosniff Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" </IfModule> <Files 403.shtml> order allow,deny allow from all </Files> #force https: ####COMMENT suggest you put this at the very top RewriteEngine On ####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above RewriteCond %{HTTPS} off ####COMMENT never use HTTP_HOST for redirects unless you have multiple hosts and you are sure it contains one of YOUR hosts, use the same rule you have for non-www to www below instead RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] #ENABLING HSTS: ####COMMENT you already set this above, differently Header set Strict-Transport-Security "max-age=31536000" env=HTTPS #Force www: ####COMMENT suggest you put this BEFORE the SEO _ROUTE_ redirect above RewriteCond %{HTTP_HOST} ^mediasos.co.uk [NC] RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ RewriteRule ^(.*)$ https://www.mediasos.co.uk/$1 [L,R=301,NC]

I am using English OpenCart 3.0.3.8, Default Template/Theme, php 7.4, Latest Brave Browser (No Ads-Blocker, etc.)
https://github.com/Khnaz35/OpenCart-Fortress
Got an urgent question that’s keeping you up at night? There might just be a magical inbox ready to help: khnaz35@gmail.com
Enjoy nature
Users browsing this forum: Majestic-12 [Bot] and 25 guests