File size: 3.77Kb
RewriteEngine On
# Основной домен с HTTPS редиректом
RewriteCond %{HTTP_HOST} ^www\.(.*) [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
# Включение/отключение error_log
php_flag log_errors off
# Отключение отображения ошибок интерпретатора
php_flag display_errors off
# Блок по ip (современный синтаксис для Apache 2.4+)
<RequireAll>
Require all granted
Require not ip 95.153.176.125 198.27.120.241
</RequireAll>
# Правила маршрутизации
RewriteRule ^iframe$ iframe.php [L,QSA]
RewriteRule ^guest$ guest/index.php [L,QSA]
RewriteRule ^rules$ rules.php [L,QSA]
RewriteRule ^cont$ cont.php [L,QSA]
RewriteRule ^freerek/?$ freerek/index.php [L,QSA]
RewriteRule ^home/?$ home.php [L,QSA]
RewriteRule ^top/?$ top.php [L,QSA]
RewriteRule ^admin/view$ admin/index.php?case=view [L,QSA]
RewriteRule ^admin/add$ admin/index.php?case=add [L,QSA]
RewriteRule ^admin/del/([0-9]+)$ admin/index.php?case=del&id=$1 [L,QSA]
RewriteRule ^admin/history$ admin/history.php [L,QSA]
RewriteRule ^admin/cod$ admin/cod.php [L,QSA]
RewriteRule ^admin/cod2$ admin/cod2.php [L,QSA]
RewriteRule ^admin/cod3$ admin/cod3.php [L,QSA]
RewriteRule ^admin/cod4$ admin/cod4.php [L,QSA]
RewriteRule ^admin/index$ admin/index.php [L,QSA]
RewriteRule ^admin/sett$ admin/sett.php [L,QSA]
RewriteRule ^wk$ wk/index.php [L,QSA]
RewriteRule ^wk/list-active$ wk/list-active.php [L,QSA]
RewriteRule ^wk/success$ wk/index.php?success=1 [L]
RewriteRule ^wk/error$ wk/index.php?error=1 [L]
RewriteRule ^freerek/success$ freerek/index.php?success=1 [L]
RewriteRule ^freerek/error$ freerek/index.php?error=1 [L]
RewriteRule ^terms/?$ soglashenie.php [L,QSA]
RewriteRule ^onas/?$ onas.php [L,QSA]
RewriteRule ^admin/news$ admin/news.php [L,QSA]
RewriteRule ^news/?$ news.php [L,QSA]
RewriteRule ^blog/?$ blog.php [L,QSA]
RewriteRule ^admin/blog$ admin/blog.php [L,QSA]
RewriteRule ^admin/filtr$ admin/filtrurl.php [L,QSA]
# Защита от распространенных атак
<IfModule mod_rewrite.c>
# Блокировка попыток SQL-инъекций
RewriteCond %{QUERY_STRING} (.*)(%27|')(.*) [NC]
RewriteRule ^(.*)$ - [F,L]
# Блокировка попыток XSS
RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3E) [NC]
RewriteRule ^(.*)$ - [F,L]
# Запрет доступа к скрытым файлам и папкам
RewriteRule ^\.(.*)$ - [F,L]
</IfModule>
# Кэширование для улучшения производительности
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType text/css "access plus 1 week"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 2 days"
</IfModule>
# Сжатие данных для ускорения загрузки
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/javascript application/x-javascript
</IfModule>
# Запрет доступа к файлам
<FilesMatch "\.(htaccess|htpasswd|ini|log|sh|sql)$">
Require all denied
</FilesMatch>
# Запрет листинга директорий
Options -Indexes
# Обработка ошибки 404
ErrorDocument 404 /404.php