-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.htaccess
76 lines (69 loc) · 2.83 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
Satisfy all
# To be filled/changed and uncommented:
#-----
# Authentication with .htpasswd file:
# This file can be created with `htpasswd -c .htpasswd <username>`
# Further users can be added with `htpasswd .htpasswd <username>`
#AuthType Basic
#AuthName "Restricted Content"
#AuthUserFile <full path for .htpasswd>
#Require valid-user
#-----
# LDAP:
#AuthName
#AuthType Basic
#AuthBasicProvider ldap
#AuthLDAPURL
#AuthLDAPBindDN
#AuthLDAPBindPassword
#Require ldap-attribute
#Require valid-user
#-----
# OIDC (To be put on Apache's configuration - can't be on .htaccess)
#LoadModule auth_openidc_module modules/mod_auth_openidc.so
##OIDCProviderMetadataURL https://login.jsc.fz-juelich.de/oauth2/.well-known/openid-configuration
# When a discovery page is used, the metadata folder must contain 3 files (as explained here: https://indigo-dc.gitbook.io/keystone-with-oidc-documentation/admin-iam-conf/admin-multi-conf)
#OIDCMetadataDir /var/cache/mod_auth_openidc/metadata/
#OIDCDiscoverURL
# If no discovery page is used, the client ID and secret are needed - IMPORTANT: after redirect, the fragment part of the URL is lost!
##OIDCClientID
##OIDCClientSecret
#OIDCRedirectURI
#OIDCCryptoPassphrase "exec:/bin/bash -c \"head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32\""
#OIDCAuthRequestParams
#OIDCScope "openid,profile"
#OIDCRemoteUserClaim preferred_username
#OIDCSessionInactivityTimeout 864000
#-- This can be on .htaccess:
#AuthType openid-connect
#Require valid-user
#-----
# 404 page that should be edited to a fixed location
#ErrorDocument 404 /system/error404.html
#<IfModule mod_deflate.c>
# AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/csv text/javascript application/json application/pdf application/javascript
#</IfModule>
<IfModule mod_headers.c>
# Header set Cache-Control "max-age=60, private"
Header set Cache-Control "no-cache, no-store"
Header set Pragma "no-cache"
Header set Expires 0
RewriteEngine on
# Serve gzip compressed HTML files if they exist
RewriteCond "%{REQUEST_FILENAME}\.gz" -s
RewriteRule "^(.*)\.(html|json|dat|csv|pdf|js)" "$1\.$2\.gz" [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule "\.html\.gz$" "-" [T=text/html,E=no-gzip:1]
RewriteRule "\.json\.gz$" "-" [T=application/json,E=no-gzip:1]
RewriteRule "\.dat\.gz$" "-" [T=text/plain,E=no-gzip:1]
RewriteRule "\.csv\.gz$" "-" [T=text/csv,E=no-gzip:1]
RewriteRule "\.pdf\.gz$" "-" [T=application/pdf,E=no-gzip:1]
RewriteRule "\.js\.gz$" "-" [T=application/javascript,E=no-gzip:1]
<FilesMatch "(\.html\.gz|\.json\.gz|\.dat\.gz|\.csv\.gz|\.pdf\.gz|\.js\.gz)$">
# Serve correct encoding type.
Header append Content-Encoding gzip
# Force proxies to cache gzipped &
# non-gzipped html files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>