
    htaccess: Securing and speeding up Joomla!

    Hi,
    I'm studying .htaccess a bit to improve the performance of Joomla! by taking advantage of the capabilities of the Apache modules.

    This is the modified .htaccess that I installed on my site.
    Can anyone give me other advice for increasing the performance of Joomla! by improving it?

    Problems that I don't know how to solve:

    1. the GIFs in the CSS are not compressed
    2. the images, CSS and JS of VirtueMart are not compressed

    # @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
    # @package Joomla
    # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
    # @license xxxxxxxxxxxxxxx
    # Joomla! is Free Software

    #####################################################
    # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
    #
    # The line just below this section: 'Options +FollowSymLinks' may cause problems
    # with some server configurations. It is required for use of mod_rewrite, but may already
    # be set by your server administrator in a way that disallows changing it in
    # your .htaccess file. If using it causes your server to error out, comment it out (add # to
    # beginning of line), reload your site in your browser and test your sef url's. If they work,
    # it has been set by your server administrator and you do not need it set here.
    #
    #####################################################

    # Can be commented out if causes errors, see notes above.
    Options +FollowSymLinks

    # mod_rewrite in use
    RewriteEngine On

    # Start Block Bad bot

    <Limit GET POST>
    order allow,deny
    allow from all
    Deny from env=bad_bot
    </Limit>

    # bad bot list

    SetEnvIfNoCase User-Agent "^Black Hole" bad_bot
    SetEnvIfNoCase User-Agent "^Titan" bad_bot
    SetEnvIfNoCase User-Agent "^WebStripper" bad_bot
    SetEnvIfNoCase User-Agent "^NetMechanic" bad_bot
    SetEnvIfNoCase User-Agent "^CherryPicker" bad_bot
    SetEnvIfNoCase User-Agent "^EmailCollector" bad_bot
    SetEnvIfNoCase User-Agent "^EmailSiphon" bad_bot
    SetEnvIfNoCase User-Agent "^WebBandit" bad_bot
    SetEnvIfNoCase User-Agent "^EmailWolf" bad_bot
    SetEnvIfNoCase User-Agent "^ExtractorPro" bad_bot
    SetEnvIfNoCase User-Agent "^CopyRightCheck" bad_bot
    SetEnvIfNoCase User-Agent "^Crescent" bad_bot
    SetEnvIfNoCase User-Agent "^Wget" bad_bot
    SetEnvIfNoCase User-Agent "^SiteSnagger" bad_bot
    SetEnvIfNoCase User-Agent "^ProWebWalker" bad_bot
    SetEnvIfNoCase User-Agent "^CheeseBot" bad_bot
    SetEnvIfNoCase User-Agent "^Teleport" bad_bot
    SetEnvIfNoCase User-Agent "^TeleportPro" bad_bot
    SetEnvIfNoCase User-Agent "^MIIxpc" bad_bot
    SetEnvIfNoCase User-Agent "^Telesoft" bad_bot
    SetEnvIfNoCase User-Agent "^Website Quester" bad_bot
    SetEnvIfNoCase User-Agent "^WebZip" bad_bot
    SetEnvIfNoCase User-Agent "^moget/2.1" bad_bot
    SetEnvIfNoCase User-Agent "^WebZip/4.0" bad_bot
    SetEnvIfNoCase User-Agent "^WebSauger" bad_bot
    SetEnvIfNoCase User-Agent "^WebCopier" bad_bot
    SetEnvIfNoCase User-Agent "^NetAnts" bad_bot
    SetEnvIfNoCase User-Agent "^Mister PiX" bad_bot
    SetEnvIfNoCase User-Agent "^WebAuto" bad_bot
    SetEnvIfNoCase User-Agent "^TheNomad" bad_bot
    SetEnvIfNoCase User-Agent "^WWW-Collector-E" bad_bot
    SetEnvIfNoCase User-Agent "^RMA" bad_bot
    SetEnvIfNoCase User-Agent "^libWeb/clsHTTP" bad_bot
    SetEnvIfNoCase User-Agent "^asterias" bad_bot
    SetEnvIfNoCase User-Agent "^httplib" bad_bot
    SetEnvIfNoCase User-Agent "^turingos" bad_bot
    SetEnvIfNoCase User-Agent "^spanner" bad_bot
    SetEnvIfNoCase User-Agent "^InfoNaviRobot" bad_bot
    SetEnvIfNoCase User-Agent "^Harvest/1.5" bad_bot
    SetEnvIfNoCase User-Agent "^Bullseye/1.0" bad_bot
    SetEnvIfNoCase User-Agent "^Mozilla/4\.0 \(compatible; BullsEye; Windows 95\)" bad_bot
    SetEnvIfNoCase User-Agent "^Crescent Internet ToolPak HTTP OLE Control v.1.0" bad_bot
    SetEnvIfNoCase User-Agent "^CherryPickerSE/1.0" bad_bot
    SetEnvIfNoCase User-Agent "^CherryPicker /1.0" bad_bot
    SetEnvIfNoCase User-Agent "^WebBandit/3.50" bad_bot
    SetEnvIfNoCase User-Agent "^NICErsPRO" bad_bot
    SetEnvIfNoCase User-Agent "^Microsoft URL Control - 5.01.4511" bad_bot
    SetEnvIfNoCase User-Agent "^DittoSpyder" bad_bot
    SetEnvIfNoCase User-Agent "^Foobot" bad_bot
    SetEnvIfNoCase User-Agent "^WebmasterWorldForumBot" bad_bot
    SetEnvIfNoCase User-Agent "^SpankBot" bad_bot
    SetEnvIfNoCase User-Agent "^BotALot" bad_bot
    SetEnvIfNoCase User-Agent "^lwp-trivial/1.34" bad_bot
    SetEnvIfNoCase User-Agent "^lwp-trivial" bad_bot
    SetEnvIfNoCase User-Agent "^Wget/1.6" bad_bot
    SetEnvIfNoCase User-Agent "^BunnySlippers" bad_bot
    SetEnvIfNoCase User-Agent "^Microsoft URL Control - 6.00.8169" bad_bot
    SetEnvIfNoCase User-Agent "^URLy Warning" bad_bot
    SetEnvIfNoCase User-Agent "^Wget/1.5.3" bad_bot
    SetEnvIfNoCase User-Agent "^LinkWalker" bad_bot
    SetEnvIfNoCase User-Agent "^cosmos" bad_bot
    SetEnvIfNoCase User-Agent "^moget" bad_bot
    SetEnvIfNoCase User-Agent "^hloader" bad_bot
    SetEnvIfNoCase User-Agent "^humanlinks" bad_bot
    SetEnvIfNoCase User-Agent "^LinkextractorPro" bad_bot
    SetEnvIfNoCase User-Agent "^Offline Explorer" bad_bot
    SetEnvIfNoCase User-Agent "^Mata Hari" bad_bot
    SetEnvIfNoCase User-Agent "^LexiBot" bad_bot
    SetEnvIfNoCase User-Agent "^Web Image Collector" bad_bot
    SetEnvIfNoCase User-Agent "^The Intraformant" bad_bot
    SetEnvIfNoCase User-Agent "^True_Robot/1.0" bad_bot
    SetEnvIfNoCase User-Agent "^True_Robot" bad_bot
    SetEnvIfNoCase User-Agent "^BlowFish/1.0" bad_bot
    SetEnvIfNoCase User-Agent "^JennyBot" bad_bot
    SetEnvIfNoCase User-Agent "^MIIxpc/4.2" bad_bot
    SetEnvIfNoCase User-Agent "^BuiltBotTough" bad_bot
    SetEnvIfNoCase User-Agent "^ProPowerBot/2.14" bad_bot
    SetEnvIfNoCase User-Agent "^BackDoorBot/1.0" bad_bot
    SetEnvIfNoCase User-Agent "^toCrawl/UrlDispatcher" bad_bot
    SetEnvIfNoCase User-Agent "^WebEnhancer" bad_bot
    SetEnvIfNoCase User-Agent "^TightTwatBot" bad_bot
    SetEnvIfNoCase User-Agent "^suzuran" bad_bot
    SetEnvIfNoCase User-Agent "^VCI WebViewer VCI WebViewer Win32" bad_bot
    SetEnvIfNoCase User-Agent "^VCI" bad_bot
    SetEnvIfNoCase User-Agent "^Szukacz/1.4" bad_bot
    SetEnvIfNoCase User-Agent "^QueryN Metasearch" bad_bot
    SetEnvIfNoCase User-Agent "^Openfind data gathere" bad_bot
    SetEnvIfNoCase User-Agent "^Openfind" bad_bot
    SetEnvIfNoCase User-Agent "^Xenu's Link Sleuth 1.1c" bad_bot
    SetEnvIfNoCase User-Agent "^Xenu's" bad_bot
    SetEnvIfNoCase User-Agent "^Zeus" bad_bot
    SetEnvIfNoCase User-Agent "^RepoMonkey Bait & Tackle/v1.01" bad_bot
    SetEnvIfNoCase User-Agent "^RepoMonkey" bad_bot
    SetEnvIfNoCase User-Agent "^Zeus 32297 Webster Pro V2.9 Win32" bad_bot
    SetEnvIfNoCase User-Agent "^Webster Pro" bad_bot
    SetEnvIfNoCase User-Agent "^EroCrawler" bad_bot
    SetEnvIfNoCase User-Agent "^LinkScan/8.1a Unix" bad_bot
    SetEnvIfNoCase User-Agent "^Keyword Density/0.9" bad_bot
    SetEnvIfNoCase User-Agent "^Kenjin Spider" bad_bot
    SetEnvIfNoCase User-Agent "^Cegbfeieh" bad_bot

    # End Block Bad bot

    ########## Begin - Rewrite rules to block out some common exploits
    #
    # If you experience problems on your site block out the operations listed below
    # This attempts to block the most common type of exploit attempts to Joomla!
    #
    # Block out any script trying to set a mosConfig value through the URL
    RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
    # Block out any script trying to base64_encode crap to send via URL
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
    # Block out any script that includes a <script> tag in URL
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    # Block out any script trying to set a PHP GLOBALS variable via URL
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    # Block out any script trying to modify a _REQUEST variable via URL
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
    # Send all blocked request to homepage with 403 Forbidden error!
    RewriteRule ^(.*)$ index.php [F,L]
    #
    ########## End - Rewrite rules to block out some common exploits

    # Uncomment following line if your webserver's URL
    # is not directly related to physical file paths.
    # Update Your Joomla! Directory (just / for root)

    #RewriteBase /

    ########## Begin - Joomla! core SEF Section

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !^/index.php
    RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$
    RewriteRule (.*) index.php
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

    ########## End - Joomla! core SEF Section

    <IfModule mod_deflate.c>
    <FilesMatch "\.(js|css)$">
    SetOutputFilter DEFLATE
    </FilesMatch>
    </IfModule>

    ########## Begin - compress section

    SetOutputFilter DEFLATE
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-httpd-php
    AddOutputFilterByType DEFLATE application/x-httpd-fastphp
    AddOutputFilterByType DEFLATE image/svg+xml
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

    # Don't compress images

    SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    ########## end - compress section

    ########### Start Prevent Image Hot Linking

    RewriteCond %{REQUEST_FILENAME} \.(gif|jpe?g|png)$
    RewriteCond %{HTTP_REFERER} !^$
    # insert your own site here!
    RewriteCond %{HTTP_REFERER} !tuosito.it
    RewriteCond %{HTTP_REFERER} !bloglines.com
    RewriteCond %{HTTP_REFERER} !google\.
    RewriteCond %{HTTP_REFERER} !yahoo\.
    RewriteCond %{HTTP_REFERER} !search\?q=cache
    RewriteRule (.*) http://127.0.0.1 [R,NC,L]

    # Set the Expires headers and cache control

    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault A600
    ExpiresByType image/x-icon A2592000
    ExpiresByType application/x-javascript A604800
    ExpiresByType text/css A604800
    ExpiresByType image/gif A2592000
    ExpiresByType image/png A2592000
    ExpiresByType image/x-icon A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType image/jpg A2592000
    ExpiresByType image/jpeg A2592000
    ExpiresByType text/plain A86400
    ExpiresByType application/x-shockwave-flash A2592000
    ExpiresByType video/x-flv A2592000
    ExpiresByType application/pdf A2592000
    ExpiresByType text/html A600

    # HEADER CACHING

    <filesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|swf)$">
    Header set Cache-Control "max-age=2592000, public"
    Header unset Last-Modified
    </filesMatch>
    <filesMatch "\.(css)$">
    Header set Cache-Control "max-age=604800, public"
    Header unset Last-Modified
    </filesMatch>
    <filesMatch "\.(js)$">
    Header set Cache-Control "max-age=216000, private"
    Header unset Last-Modified
    </filesMatch>
    <filesMatch "\.(xml|txt)$">
    Header set Cache-Control "max-age=216000, public, must-revalidate"
    </filesMatch>
    <filesMatch "\.(html|htm|php)$">
    Header set Cache-Control "max-age=1, private, must-revalidate"
    </filesMatch>

    # Disable ETags

    Header unset ETag
    </IfModule>

    # Disable the ETags

    FileETag none

    ########### end Prevent Image Hot Linking
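
The exploit-blocking section only behaves as a block list when its `RewriteCond` lines are chained with `[OR]`, because mod_rewrite ANDs conditions by default. The following is an added example, not part of the original post: it parses the five query-string conditions and evaluates them against constructed query strings, once fully chained and once with the flag left only on the `<script>` line. `parse_conds`, `rule_fires` and `audit` are hypothetical helper names, and Python's `re` stands in for Apache's regex engine.

```python
import re

# "RewriteCond %{QUERY_STRING} <pattern> [flags]"; the flag list is optional.
COND_RE = re.compile(
    r"^\s*RewriteCond\s+%\{QUERY_STRING\}\s+(\S+)(?:\s+\[([^\]]*)\])?\s*$")

def parse_conds(htaccess_text):
    """Return [(pattern, {flags})] for each QUERY_STRING condition."""
    conds = []
    for line in htaccess_text.splitlines():
        m = COND_RE.match(line)
        if m:
            flags = {f.strip().upper() for f in (m.group(2) or "").split(",") if f.strip()}
            conds.append((m.group(1), flags))
    return conds

def rule_fires(conds, query_string):
    """AND the conditions, except that one hit satisfies a whole [OR] chain."""
    i = 0
    while i < len(conds):
        pattern, flags = conds[i]
        hit = re.search(pattern, query_string, re.I if "NC" in flags else 0)
        if "OR" in flags:
            if hit:  # skip the rest of this chain, including its last member
                while i < len(conds) and "OR" in conds[i][1]:
                    i += 1
        elif not hit:
            return False
        i += 1
    return True

CHAINED = r"""
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
"""
UNCHAINED = CHAINED.replace(" [OR]", "")  # only the <script> line keeps [NC,OR]

# Constructed query strings: one ordinary request, then one per indicator.
SAMPLES = ["option=com_content&view=article&id=5", "mosConfig_live_site=x",
           "q=%3cSCRIPT%3e", "GLOBALS[x]=1", "_REQUEST[x]=1"]

def audit(htaccess_text):  # sample -> True if the [F] rule would fire
    conds = parse_conds(htaccess_text)
    return {qs: rule_fires(conds, qs) for qs in SAMPLES}

if __name__ == "__main__":
    print({"chained": audit(CHAINED), "unchained": audit(UNCHAINED)})
```

With the chain intact each indicator sample is rejected and the ordinary request passes; with `[OR]` missing from the other lines no sample is rejected, because a single request would have to match several conditions at once.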