Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.

alessia.byaldino

ti può aiutare?

dove controllo se mod headers è abilitato?

alessia.byaldino

can you write in english?

alessia.byaldino

this is error: Access to Font at 'https.... has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '.....' is therefore not allowed access.

skylinx

Can you take a screenshot of the dev tools so I can have a look? What is the resource that cannot be found? (404)

skylinx

If you can share the URL I can have a look myself.

alessia.byaldino

I cannot post www

alessia.byaldino

the site is byaldino with .com

alessia.byaldino

https

skylinx

The website makes lots of HTTP requests and loads quite slowly for me (Finland). It took something like 20+ seconds to load the home page alone. It also loads/tries to load some resources from both the www and the naked domain and also from a mix of http and https, which causes some errors.
As for the CORS issue, the proper headers must be set for byaldino.r.worldssl.net if I am not mistaken. Which domain was that .htaccess from?

alessia.byaldino

now I check it

alessia.byaldino

this is my .htaccess

Header set Access-Control-Allow-Origin "*"

<IfModule mod_headers.c>
<FilesMatch "\.(ico|jpe?g|png|gif|swf|css|gz)$">
Header set Cache-Control "max-age=2592000, public"
</FilesMatch>
<FilesMatch "\.(js)$">
Header set Cache-Control "max-age=2592000, private"
</FilesMatch>
<filesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=7200, public"
</filesMatch>
<FilesMatch ".(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
</IfModule>

Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

@package Joomla

@copyright Copyright (C) 2005 - 2017 Open Source Matters. All rights reserved.

@license GNU General Public License version 2 or later; see LICENSE.txt

READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!

The line 'Options +FollowSymLinks' may cause problems with some server configurations.

It is required for the use of mod_rewrite, but it may have already been set by your

server administrator in a way that disallows changing it in this .htaccess file.

If using it causes your site to produce an error, comment it out (add # to the

beginning of the line), reload your site in your browser and test your sef urls. If

they work, then it has been set by your server administrator and you do not need to

set it here.

No directory listings

<IfModule autoindex>
IndexIgnore *
</IfModule>

Can be commented out if causes errors, see notes above.

Options +FollowSymlinks
Options -Indexes

Mod_rewrite in use.

RewriteEngine On

<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>

RewriteCond %{REQUEST_FILENAME} -s
RewriteCond %{REQUEST_FILENAME} -l
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.$ - [NC,L]
RewriteRule ^.$ index.php [NC,L]

Begin - Rewrite rules to block out some common exploits.

If you experience problems on your site then comment out the operations listed

below by adding a # to the beginning of the line.

This attempts to block the most common type of exploit `attempts` on Joomla!

Block any script trying to base64_encode data within the URL.

RewriteCond %{QUERY_STRING} base64_encode[^(]([^)])

Block any script that includes a <script> tag in URL.

RewriteCond %{QUERY_STRING} (<|%3C)([^s]s)+cript.(>|%3E) [NC,OR]

Block any script trying to set a PHP GLOBALS variable via URL.

RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2})

Block any script trying to modify a _REQUEST variable via URL.

RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})

Return 403 Forbidden header and show the content of the root home page

RewriteRule .* index.php

End - Rewrite rules to block out some common exploits.

Begin - Custom redirects

If you need to redirect some pages, or set a canonical non-www to

www redirect (or vice versa), place that code here. Ensure those

redirects use the correct RewriteRule syntax and the [R=301,L] flags.

End - Custom redirects

Uncomment the following line if your webserver's URL

is not directly related to physical file paths.

Update Your Joomla! Directory (just / for root).

RewriteBase /

Begin - Joomla! core SEF Section.

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

If the requested path and file is not /index.php and the request

has not already been internally rewritten to the index.php script

RewriteCond %{REQUEST_URI} !^/index.php

and the requested path and file doesn't directly match a physical file

RewriteCond %{REQUEST_FILENAME} !-f

and the requested path and file doesn't directly match a physical folder

RewriteCond %{REQUEST_FILENAME} !-d

internally rewrite the request to the index.php script

RewriteRule .* index.php

End - Joomla! core SEF Section.

skylinx

Is that the .htaccess for byaldino.r.worldssl.net?

skylinx

Hold on, just realised you use the CDN for that domain. You should configure the headers in the CDN resource for this to work. Do you have access to these settings?

alessia.byaldino

yes - I do

alessia.byaldino

ok, I try - thanks for now

Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.

@package Joomla

@copyright Copyright (C) 2005 - 2017 Open Source Matters. All rights reserved.

@license GNU General Public License version 2 or later; see LICENSE.txt

READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!

The line 'Options +FollowSymLinks' may cause problems with some server configurations.

It is required for the use of mod_rewrite, but it may have already been set by your

server administrator in a way that disallows changing it in this .htaccess file.

If using it causes your site to produce an error, comment it out (add # to the

beginning of the line), reload your site in your browser and test your sef urls. If

they work, then it has been set by your server administrator and you do not need to

set it here.

No directory listings

Can be commented out if causes errors, see notes above.

Mod_rewrite in use.

Begin - Rewrite rules to block out some common exploits.

If you experience problems on your site then comment out the operations listed

below by adding a # to the beginning of the line.

This attempts to block the most common type of exploit attempts on Joomla!

Block any script trying to base64_encode data within the URL.

Block any script that includes a <script> tag in URL.

Block any script trying to set a PHP GLOBALS variable via URL.

Block any script trying to modify a _REQUEST variable via URL.

Return 403 Forbidden header and show the content of the root home page

End - Rewrite rules to block out some common exploits.

Begin - Custom redirects

If you need to redirect some pages, or set a canonical non-www to

www redirect (or vice versa), place that code here. Ensure those

redirects use the correct RewriteRule syntax and the [R=301,L] flags.

End - Custom redirects

Uncomment the following line if your webserver's URL

is not directly related to physical file paths.

Update Your Joomla! Directory (just / for root).

Begin - Joomla! core SEF Section.

If the requested path and file is not /index.php and the request

has not already been internally rewritten to the index.php script

and the requested path and file doesn't directly match a physical file

and the requested path and file doesn't directly match a physical folder

internally rewrite the request to the index.php script

End - Joomla! core SEF Section.

This attempts to block the most common type of exploit `attempts` on Joomla!