@@ -130,7 +130,7 @@ Options -MultiViews
130130 # the `X-UA-Compatible` response header should be send only for
131131 # HTML documents and not for the other resources.
132132
133- <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$" >
133+ <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ic[os] |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$" >
134134 Header unset X-UA-Compatible
135135 </FilesMatch >
136136
@@ -226,6 +226,7 @@ Options -MultiViews
226226 AddType application/x-chrome-extension crx
227227 AddType application/x-opera-extension oex
228228 AddType application/x-xpinstall xpi
229+ AddType text/calendar ics
229230 AddType text/markdown markdown md
230231 AddType text/vcard vcard vcf
231232 AddType text/vnd.rim.location.xloc xloc
@@ -257,6 +258,7 @@ AddDefaultCharset utf-8
257258 .bbaw \
258259 .css \
259260 .geojson \
261+ .ics \
260262 .js \
261263 .json \
262264 .jsonld \
@@ -369,13 +371,21 @@ AddDefaultCharset utf-8
369371#
370372# (!) NEVER USE BOTH RULES AT THE SAME TIME!
371373
374+ # (1) The two rules assume by default that both HTTP and HTTPS
375+ # environnements are available for redirection.
376+ # If your SSL certificate could not handle one of the domains
377+ # used during redirection, you should turn the condition on.
378+ #
379+ # https://github.com/h5bp/server-configs-apache/issues/52
380+
372381# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
373382
374383# Option 1: rewrite www.example.com → example.com
375384
376385<IfModule mod_rewrite.c >
377386 RewriteEngine On
378- RewriteCond %{HTTPS} !=on
387+ # (1)
388+ # RewriteCond %{HTTPS} !=on
379389 RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
380390 RewriteRule ^ %{ENV:PROTO}://%1%{REQUEST_URI} [R=301 ,L]
381391</IfModule >
@@ -389,7 +399,8 @@ AddDefaultCharset utf-8
389399
390400# <IfModule mod_rewrite.c>
391401# RewriteEngine On
392- # RewriteCond %{HTTPS} !=on
402+ # # (1)
403+ # # RewriteCond %{HTTPS} !=on
393404# RewriteCond %{HTTP_HOST} !^www\. [NC]
394405# RewriteCond %{SERVER_ADDR} !=127.0.0.1
395406# RewriteCond %{SERVER_ADDR} !=::1
@@ -443,7 +454,7 @@ AddDefaultCharset utf-8
443454# # the `X-Frame-Options` response header should be send only for
444455# # HTML documents and not for the other resources.
445456
446- # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
457+ # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ic[os] |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
447458# Header unset X-Frame-Options
448459# </FilesMatch>
449460
@@ -478,7 +489,7 @@ AddDefaultCharset utf-8
478489# # the `Content-Security-Policy` response header should be send
479490# # only for HTML documents and not for the other resources.
480491
481- # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
492+ # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ic[os] |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
482493# Header unset Content-Security-Policy
483494# </FilesMatch>
484495
@@ -539,7 +550,7 @@ AddDefaultCharset utf-8
539550# include: configuration files, files that contain metadata about the
540551# project (e.g.: project dependencies), build scripts, etc..
541552
542- <FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$" >
553+ <FilesMatch "(^#.*#|\.(bak|conf|dist|fla|in[ci]|log|orig| psd|sh|sql|sw[op])|~)$" >
543554
544555 # Apache < 2.3
545556 <IfModule !mod_authz_core.c >
@@ -646,7 +657,7 @@ AddDefaultCharset utf-8
646657# # the `X-XSS-Protection` response header should be send only for
647658# # HTML documents and not for the other resources.
648659
649- # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
660+ # <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ic[os] |jpe?g|m?js|json(ld)?|m4[av]|manifest|map|markdown|md|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
650661# Header unset X-XSS-Protection
651662# </FilesMatch>
652663
@@ -759,6 +770,7 @@ ServerSignature Off
759770 "image/vnd.microsoft.icon" \
760771 "image/x-icon" \
761772 "text/cache-manifest" \
773+ "text/calendar" \
762774 "text/css" \
763775 "text/html" \
764776 "text/javascript" \
@@ -865,6 +877,7 @@ FileETag None
865877 ExpiresByType application/schema+json "access plus 0 seconds"
866878 ExpiresByType application/vnd.geo+json "access plus 0 seconds"
867879 ExpiresByType application/xml "access plus 0 seconds"
880+ ExpiresByType text/calendar "access plus 0 seconds"
868881 ExpiresByType text/xml "access plus 0 seconds"
869882
870883
0 commit comments