##### RewriteEngine enabled - BEGIN RewriteEngine On ##### RewriteEngine enabled - END ##### RewriteBase set - BEGIN RewriteBase / ##### RewriteBase set - END ##### HTTP to HTTPS redirection ## Since you have enabled HSTS the first redirection rule will instruct the browser to visit the HTTPS version of your ## site. This prevents unsafe redirections through HTTP. ## RewriteCond %{HTTPS} !=on [OR] ## RewriteCond %{HTTP:X-Forwarded-Proto} =http ## RewriteRule .* https://demo.uv.cl%{REQUEST_URI} [L,R=301] ##### File execution order -- BEGIN DirectoryIndex index.php index.html ##### File execution order -- END ##### Optimal default expiration time - BEGIN # Enable expiration control ExpiresActive On # CSS and JS expiration: 1 week after request ExpiresByType text/css "now plus 1 week" ExpiresByType application/javascript "now plus 1 week" ExpiresByType application/x-javascript "now plus 1 week" # Image files expiration: 1 month after request ExpiresByType image/bmp "now plus 1 month" ExpiresByType image/gif "now plus 1 month" ExpiresByType image/jpeg "now plus 1 month" ExpiresByType image/jp2 "now plus 1 month" ExpiresByType image/pipeg "now plus 1 month" ExpiresByType image/png "now plus 1 month" ExpiresByType image/svg+xml "now plus 1 month" ExpiresByType image/tiff "now plus 1 month" ExpiresByType image/vnd.microsoft.icon "now plus 1 month" ExpiresByType image/x-icon "now plus 1 month" ExpiresByType image/ico "now plus 1 month" ExpiresByType image/icon "now plus 1 month" ExpiresByType text/ico "now plus 1 month" ExpiresByType application/ico "now plus 1 month" ExpiresByType image/vnd.wap.wbmp "now plus 1 month" ExpiresByType application/vnd.wap.wbxml "now plus 1 month" ExpiresByType application/smil "now plus 1 month" # Font files expiration: 1 week after request ExpiresByType application/vnd.ms-fontobject "now plus 1 week" ExpiresByType application/x-font-ttf "now plus 1 week" ExpiresByType application/x-font-opentype "now plus 1 week" ExpiresByType application/x-font-woff "now plus 1 week" ExpiresByType font/woff2 "now plus 1 week" ExpiresByType image/svg+xml "now plus 1 week" # Audio files expiration: 1 month after request ExpiresByType audio/ogg "now plus 1 month" ExpiresByType application/ogg "now plus 1 month" ExpiresByType audio/basic "now plus 1 month" ExpiresByType audio/mid "now plus 1 month" ExpiresByType audio/midi "now plus 1 month" ExpiresByType audio/mpeg "now plus 1 month" ExpiresByType audio/mp3 "now plus 1 month" ExpiresByType audio/x-aiff "now plus 1 month" ExpiresByType audio/x-mpegurl "now plus 1 month" ExpiresByType audio/x-pn-realaudio "now plus 1 month" ExpiresByType audio/x-wav "now plus 1 month" # Movie files expiration: 1 month after request ExpiresByType application/x-shockwave-flash "now plus 1 month" ExpiresByType x-world/x-vrml "now plus 1 month" ExpiresByType video/x-msvideo "now plus 1 month" ExpiresByType video/mpeg "now plus 1 month" ExpiresByType video/mp4 "now plus 1 month" ExpiresByType video/quicktime "now plus 1 month" ExpiresByType video/x-la-asf "now plus 1 month" ExpiresByType video/x-ms-asf "now plus 1 month" ##### Optimal default expiration time - END ##### Common hacking tools and bandwidth hoggers block -- BEGIN SetEnvIf user-agent "WebBandit" stayout=1 SetEnvIf user-agent "webbandit" stayout=1 SetEnvIf user-agent "Acunetix" stayout=1 SetEnvIf user-agent "binlar" stayout=1 SetEnvIf user-agent "BlackWidow" stayout=1 SetEnvIf user-agent "Bolt 0" stayout=1 SetEnvIf user-agent "Bot mailto:craftbot@yahoo.com" stayout=1 SetEnvIf user-agent "BOT for JCE" stayout=1 SetEnvIf user-agent "casper" stayout=1 SetEnvIf user-agent "checkprivacy" stayout=1 SetEnvIf user-agent "ChinaClaw" stayout=1 SetEnvIf user-agent "clshttp" stayout=1 SetEnvIf user-agent "cmsworldmap" stayout=1 SetEnvIf user-agent "comodo" stayout=1 SetEnvIf user-agent "Custo" stayout=1 SetEnvIf user-agent "Default Browser 0" stayout=1 SetEnvIf user-agent "diavol" stayout=1 SetEnvIf user-agent "DIIbot" stayout=1 SetEnvIf user-agent "DISCo" stayout=1 SetEnvIf user-agent "dotbot" stayout=1 SetEnvIf user-agent "Download Demon" stayout=1 SetEnvIf user-agent "eCatch" stayout=1 SetEnvIf user-agent "EirGrabber" stayout=1 SetEnvIf user-agent "EmailCollector" stayout=1 SetEnvIf user-agent "EmailSiphon" stayout=1 SetEnvIf user-agent "EmailWolf" stayout=1 SetEnvIf user-agent "Express WebPictures" stayout=1 SetEnvIf user-agent "extract" stayout=1 SetEnvIf user-agent "ExtractorPro" stayout=1 SetEnvIf user-agent "EyeNetIE" stayout=1 SetEnvIf user-agent "feedfinder" stayout=1 SetEnvIf user-agent "FHscan" stayout=1 SetEnvIf user-agent "FlashGet" stayout=1 SetEnvIf user-agent "flicky" stayout=1 SetEnvIf user-agent "GetRight" stayout=1 SetEnvIf user-agent "GetWeb!" stayout=1 SetEnvIf user-agent "Go-Ahead-Got-It" stayout=1 SetEnvIf user-agent "Go!Zilla" stayout=1 SetEnvIf user-agent "grab" stayout=1 SetEnvIf user-agent "GrabNet" stayout=1 SetEnvIf user-agent "Grafula" stayout=1 SetEnvIf user-agent "harvest" stayout=1 SetEnvIf user-agent "HMView" stayout=1 SetEnvIf user-agent "ia_archiver" stayout=1 SetEnvIf user-agent "Image Stripper" stayout=1 SetEnvIf user-agent "Image Sucker" stayout=1 SetEnvIf user-agent "InterGET" stayout=1 SetEnvIf user-agent "Internet Ninja" stayout=1 SetEnvIf user-agent "InternetSeer.com" stayout=1 SetEnvIf user-agent "jakarta" stayout=1 SetEnvIf user-agent "Java" stayout=1 SetEnvIf user-agent "JetCar" stayout=1 SetEnvIf user-agent "JOC Web Spider" stayout=1 SetEnvIf user-agent "kmccrew" stayout=1 SetEnvIf user-agent "larbin" stayout=1 SetEnvIf user-agent "LeechFTP" stayout=1 SetEnvIf user-agent "libwww" stayout=1 SetEnvIf user-agent "Mass Downloader" stayout=1 SetEnvIf user-agent "Maxthon$" stayout=1 SetEnvIf user-agent "microsoft.url" stayout=1 SetEnvIf user-agent "MIDown tool" stayout=1 SetEnvIf user-agent "miner" stayout=1 SetEnvIf user-agent "Mister PiX" stayout=1 SetEnvIf user-agent "NEWT" stayout=1 SetEnvIf user-agent "MSFrontPage" stayout=1 SetEnvIf user-agent "Navroad" stayout=1 SetEnvIf user-agent "NearSite" stayout=1 SetEnvIf user-agent "Net Vampire" stayout=1 SetEnvIf user-agent "NetAnts" stayout=1 SetEnvIf user-agent "NetSpider" stayout=1 SetEnvIf user-agent "NetZIP" stayout=1 SetEnvIf user-agent "nutch" stayout=1 SetEnvIf user-agent "Octopus" stayout=1 SetEnvIf user-agent "Offline Explorer" stayout=1 SetEnvIf user-agent "Offline Navigator" stayout=1 SetEnvIf user-agent "PageGrabber" stayout=1 SetEnvIf user-agent "Papa Foto" stayout=1 SetEnvIf user-agent "pavuk" stayout=1 SetEnvIf user-agent "pcBrowser" stayout=1 SetEnvIf user-agent "PeoplePal" stayout=1 SetEnvIf user-agent "planetwork" stayout=1 SetEnvIf user-agent "psbot" stayout=1 SetEnvIf user-agent "purebot" stayout=1 SetEnvIf user-agent "pycurl" stayout=1 SetEnvIf user-agent "RealDownload" stayout=1 SetEnvIf user-agent "ReGet" stayout=1 SetEnvIf user-agent "Rippers 0" stayout=1 SetEnvIf user-agent "SeaMonkey$" stayout=1 SetEnvIf user-agent "sitecheck.internetseer.com" stayout=1 SetEnvIf user-agent "SiteSnagger" stayout=1 SetEnvIf user-agent "skygrid" stayout=1 SetEnvIf user-agent "SmartDownload" stayout=1 SetEnvIf user-agent "sucker" stayout=1 SetEnvIf user-agent "SuperBot" stayout=1 SetEnvIf user-agent "SuperHTTP" stayout=1 SetEnvIf user-agent "Surfbot" stayout=1 SetEnvIf user-agent "tAkeOut" stayout=1 SetEnvIf user-agent "Teleport Pro" stayout=1 SetEnvIf user-agent "Toata dragostea mea pentru diavola" stayout=1 SetEnvIf user-agent "turnit" stayout=1 SetEnvIf user-agent "vikspider" stayout=1 SetEnvIf user-agent "VoidEYE" stayout=1 SetEnvIf user-agent "Web Image Collector" stayout=1 SetEnvIf user-agent "Web Sucker" stayout=1 SetEnvIf user-agent "WebAuto" stayout=1 SetEnvIf user-agent "WebCopier" stayout=1 SetEnvIf user-agent "WebFetch" stayout=1 SetEnvIf user-agent "WebGo IS" stayout=1 SetEnvIf user-agent "WebLeacher" stayout=1 SetEnvIf user-agent "WebReaper" stayout=1 SetEnvIf user-agent "WebSauger" stayout=1 SetEnvIf user-agent "Website eXtractor" stayout=1 SetEnvIf user-agent "Website Quester" stayout=1 SetEnvIf user-agent "WebStripper" stayout=1 SetEnvIf user-agent "WebWhacker" stayout=1 SetEnvIf user-agent "WebZIP" stayout=1 SetEnvIf user-agent "Widow" stayout=1 SetEnvIf user-agent "WWW-Mechanize" stayout=1 SetEnvIf user-agent "WWWOFFLE" stayout=1 SetEnvIf user-agent "Xaldon WebSpider" stayout=1 SetEnvIf user-agent "Yandex" stayout=1 SetEnvIf user-agent "Zeus" stayout=1 SetEnvIf user-agent "zmeu" stayout=1 SetEnvIf user-agent "CazoodleBot" stayout=1 SetEnvIf user-agent "discobot" stayout=1 SetEnvIf user-agent "ecxi" stayout=1 SetEnvIf user-agent "GT::WWW" stayout=1 SetEnvIf user-agent "heritrix" stayout=1 SetEnvIf user-agent "HTTP::Lite" stayout=1 SetEnvIf user-agent "HTTrack" stayout=1 SetEnvIf user-agent "ia_archiver" stayout=1 SetEnvIf user-agent "id-search" stayout=1 SetEnvIf user-agent "id-search.org" stayout=1 SetEnvIf user-agent "IDBot" stayout=1 SetEnvIf user-agent "Indy Library" stayout=1 SetEnvIf user-agent "IRLbot" stayout=1 SetEnvIf user-agent "ISC Systems iRc Search 2.1" stayout=1 SetEnvIf user-agent "LinksManager.com_bot" stayout=1 SetEnvIf user-agent "linkwalker" stayout=1 SetEnvIf user-agent "lwp-trivial" stayout=1 SetEnvIf user-agent "MFC_Tear_Sample" stayout=1 SetEnvIf user-agent "Microsoft URL Control" stayout=1 SetEnvIf user-agent "Missigua Locator" stayout=1 SetEnvIf user-agent "panscient.com" stayout=1 SetEnvIf user-agent "PECL::HTTP" stayout=1 SetEnvIf user-agent "PHPCrawl" stayout=1 SetEnvIf user-agent "PleaseCrawl" stayout=1 SetEnvIf user-agent "SBIder" stayout=1 SetEnvIf user-agent "Snoopy" stayout=1 SetEnvIf user-agent "Steeler" stayout=1 SetEnvIf user-agent "URI::Fetch" stayout=1 SetEnvIf user-agent "urllib" stayout=1 SetEnvIf user-agent "Web Sucker" stayout=1 SetEnvIf user-agent "webalta" stayout=1 SetEnvIf user-agent "WebCollage" stayout=1 SetEnvIf user-agent "Wells Search II" stayout=1 SetEnvIf user-agent "WEP Search" stayout=1 SetEnvIf user-agent "zermelo" stayout=1 SetEnvIf user-agent "ZyBorg" stayout=1 SetEnvIf user-agent "Indy Library" stayout=1 SetEnvIf user-agent "libwww-perl" stayout=1 SetEnvIf user-agent "Go!Zilla" stayout=1 SetEnvIf user-agent "TurnitinBot" stayout=1 deny from env=stayout Require all granted Require not env stayout ##### Common hacking tools and bandwidth hoggers block -- END ##### Automatic compression of resources -- BEGIN AddOutputFilterByType DEFLATE text/plain text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript image/svg+xml mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_keep_workfiles No mod_gzip_can_negotiate Yes mod_gzip_add_header_count Yes mod_gzip_send_vary Yes mod_gzip_min_http 1000 mod_gzip_minimum_file_size 300 mod_gzip_maximum_file_size 512000 mod_gzip_maximum_inmem_size 60000 mod_gzip_handle_methods GET mod_gzip_item_include file \.(html?|txt|css|js|php|pl|xml|rb|py|svg|scgz)$ mod_gzip_item_include mime ^text/plain$ mod_gzip_item_include mime ^text/xml$ mod_gzip_item_include mime ^text/css$ mod_gzip_item_include mime ^application/xml$ mod_gzip_item_include mime ^application/xhtml+xml$ mod_gzip_item_include mime ^application/rss+xml$ mod_gzip_item_include mime ^application/javascript$ mod_gzip_item_include mime ^application/x-javascript$ mod_gzip_item_include mime ^image/svg+xml$ mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include handler ^server-status$ mod_gzip_item_include handler ^server-info$ mod_gzip_item_include handler ^application/x-httpd-php mod_gzip_item_exclude mime ^image/.* ##### Automatic compression of resources -- END ## Force GZip compression for mangled Accept-Encoding headers SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding ##### Redirect www to non-www -- BEGIN RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L] ##### Redirect www to non-www -- END ##### Rewrite rules to block out some common exploits -- BEGIN RewriteCond %{QUERY_STRING} proc/self/environ [OR] RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] RewriteCond %{QUERY_STRING} base64_(en|de)code$.*$ [OR] RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) RewriteRule .* index.php [F] ##### Rewrite rules to block out some common exploits -- END ##### File injection protection -- BEGIN RewriteCond %{REQUEST_METHOD} GET RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http[s]?:// [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR] RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC] RewriteRule .* - [F] ##### File injection protection -- END ##### Advanced server protection rules exceptions -- BEGIN RewriteRule ^administrator\/components\/com_akeeba\/restore\.php$ - [L] RewriteRule ^administrator\/components\/com_joomlaupdate\/ - [L] RewriteRule ^google32930475e1115f5a\.html$ - [L] RewriteRule ^googlec27f8d89cd84f8a9\.html$ - [L] RewriteCond %{REQUEST_FILENAME} !(\.php)$ RewriteCond %{REQUEST_FILENAME} -f RewriteRule ^\.well\-known/ - [L] RewriteCond %{REQUEST_FILENAME} !(\.php)$ RewriteCond %{REQUEST_FILENAME} -f ##### Advanced server protection rules exceptions -- END ##### Advanced server protection -- BEGIN ## Disable PHP Easter Eggs RewriteCond %{QUERY_STRING} \=PHP[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} [NC] RewriteRule .* - [F] #### Back-end protection RewriteRule ^administrator/?$ - [L] RewriteRule ^administrator/index\.(php|html?)$ - [L] RewriteRule ^administrator/(components|modules|templates|images|plugins)/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|mpg|mp3|mpeg|mp4|avi|wav|ogg|ogv|xls|xlsx|doc|docx|ppt|pptx|zip|rar|pdf|xps|txt|7z|svg|odt|ods|odp|flv|mov|htm|ttf|woff|woff2|eot|JPG|JPEG|PNG|GIF|CSS|JS|TTF|WOFF|WOFF2|EOT|webp|WEBP|WebP)$ - [L] RewriteRule ^administrator/ - [F] #### Front-end protection ## Allow limited access for certain directories with client-accessible content RewriteRule ^(components|modules|templates|images|plugins|media|libraries|media/jui/fonts)/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|mpg|mp3|mpeg|mp4|avi|wav|ogg|ogv|xls|xlsx|doc|docx|ppt|pptx|zip|rar|pdf|xps|txt|7z|svg|odt|ods|odp|flv|mov|ico|htm|ttf|woff|woff2|eot|JPG|JPEG|PNG|GIF|CSS|JS|TTF|WOFF|WOFF2|EOT|webp|WEBP|WebP)$ - [L] RewriteRule ^(components|modules|templates|images|plugins|media|libraries|media/jui/fonts)/ - [F] ## Disallow front-end access for certain Joomla! system directories (unless access to their files is allowed above) RewriteRule ^includes/js/ - [L] RewriteRule ^(cache|includes|language|logs|log|tmp)/ - [F] RewriteRule ^(configuration\.php|CONTRIBUTING\.md|htaccess\.txt|joomla\.xml|LICENSE\.txt|phpunit\.xml|README\.txt|web\.config\.txt) - [F] ## Explicitly allow access to the site's index.php main entry point file RewriteRule ^index.php(/.*){0,1}$ - [L] ## Explicitly allow access to the site's robots.txt file RewriteRule ^robots.txt$ - [L] ## Disallow access to all other PHP files throughout the site, unless they are explicitly allowed RewriteCond %{REQUEST_FILENAME} (\.php)$ RewriteCond %{REQUEST_FILENAME} -f RewriteRule (.*\.php)$ - [F] ## Disallow access to htaccess.txt, php.ini, .user.ini and configuration.php-dist RewriteRule ^(htaccess\.txt|configuration\.php-dist|php\.ini|\.user\.ini)$ - [F] # Disallow access to all other front-end folders RewriteCond %{REQUEST_FILENAME} -d RewriteCond %{REQUEST_URI} !^/ RewriteRule .* - [F] # Disallow access to all other front-end files RewriteCond %{REQUEST_FILENAME} -f RewriteRule !^index.php$ - [F] ## Remove Apache and PHP version signature Header unset X-Powered-By ServerSignature Off ##### Advanced server protection -- END ## HSTS Header - See http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS ## Referrer-policy Header always set Referrer-Policy "unsafe-url" ##### Joomla! core SEF Section -- BEGIN RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteCond %{REQUEST_URI} !^/index\.php RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php [L] ##### Joomla! core SEF Section -- END