Options +FollowSymLinks # BEGIN WordPress RewriteEngine On RewriteBase /wp/ RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /wp/index.php [L] # END WordPress #### Force SSL #### #RewriteEngine On #RewriteCond %{HTTPS} !=on #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # Header set Access-Control-Allow-Origin "*" Header set X-UA-Compatible "IE=edge" Header unset X-UA-Compatible Header set Cache-Control "max-age=7200, must-revalidate" AddType audio/mp4 m4a f4a f4b AddType audio/ogg oga ogg opus AddType application/json json map AddType application/ld+json jsonld AddType application/javascript js AddType video/mp4 f4v f4p m4v mp4 AddType video/ogg ogv AddType video/webm webm AddType video/x-flv flv AddType application/font-woff woff AddType application/vnd.ms-fontobject eot AddType application/x-font-ttf ttc ttf AddType font/opentype otf AddType image/svg+xml svgz AddEncoding gzip svgz AddType application/octet-stream safariextz AddType application/x-chrome-extension crx AddType application/x-web-app-manifest+json webapp AddType application/xml atom rdf rss xml AddType image/x-icon cur AddType text/cache-manifest appcache manifest AddType text/x-vcard vcf AddCharset utf-8 .atom .css .js .json .jsonld .rss .vtt .webapp .xml ExpiresActive on ExpiresDefault "access plus 1 month" ExpiresByType text/html "access plus 0 seconds" ExpiresByType text/css "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" ExpiresByType text/javascript A2592000 ExpiresByType image/x-icon "access plus 1 week" ExpiresByType text/x-component "access plus 1 month" ExpiresByType audio/ogg "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" ExpiresByType video/ogg "access plus 1 month" ExpiresByType video/webm "access plus 1 month" ExpiresByType application/font-woff "access plus 1 month" ExpiresByType application/vnd.ms-fontobject "access plus 1 month" ExpiresByType application/x-font-ttf "access plus 1 month" ExpiresByType font/opentype "access plus 1 month" ExpiresByType image/svg+xml "access plus 1 month" ExpiresByType text/xml "access plus 0 seconds" ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" ExpiresByType text/cache-manifest "access plus 0 seconds" ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/ld+json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType application/atom+xml "access plus 1 hour" ExpiresByType application/rss+xml "access plus 1 hour" SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding AddOutputFilterByType DEFLATE application/atom+xml \ application/javascript \ application/json \ application/ld+json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/x-web-app-manifest+json \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml Header unset ETag FileETag None SetEnvIf Origin ":" IS_CORS Header set Access-Control-Allow-Origin "*" env=IS_CORS Header set X-Frame-Options "DENY" Header unset X-Frame-Options Options -Indexes RewriteCond %{SCRIPT_FILENAME} -d [OR] RewriteCond %{SCRIPT_FILENAME} -f RewriteRule "(^|/)\." - [F] Order allow,deny Deny from all Satisfy All Require all denied Header set X-Content-Type-Options "nosniff" Header set X-XSS-Protection "1; mode=block" Header unset X-XSS-Protection