RewriteEngine On # In some cases where you have other mod_rewrite rules, you may need to remove the # comment on the following RewriteBase line and change it to match your folder name. # This resets the other mod_rewrite rules for just this directory # If your site was www.example.com/forum, the setting would be /forum/ #RewriteBase / #If you used friendly urls in vB4, then uncommenting the following rules will redirect the # #old vB4 urls to a similar location in vB5. This is unnecesary for a new vB5 install. #RewriteRule ^threads/.* showthread.php [QSA] #RewriteRule ^forums/.* forumdisplay.php [QSA] #RewriteRule ^members/.* member.php [QSA] #RewriteRule ^blogs/.* blog.php [QSA] #RewriteRule ^entries/.* entry.php [QSA] #To redirect users to the secure version of your site, uncomment the lines below #RewriteCond %{HTTPS} !=on #RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] #Block directories that don't need direct access RewriteRule ^(core/libraries/|includes|core/includes|core/vb|core/vb5|core/admincp|core/modcp) index.php?routestring=relay/404 [END] #Block files and directories RewriteRule (^|/)\.(?!well-known) index.php?routestring=relay/404 [END] #Block directories that don't need direct access to PHP RewriteRule ^(css|fonts|images|js|core/cache|core/cpstyles|core/clientscript|core/customavatars|core/images|core/store_sitemap)/.*\.php index.php?routestring=relay/404 [END] # Send css calls directly to the correct file VBV-7807 RewriteRule ^css.php$ core/css.php [NC,L] # Redirect old install path to core. RewriteRule ^install/ core/install/ [NC,L] # Main Redirect RewriteCond %{REQUEST_URI} !\.(gif|jpg|jpeg|png|css)$ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?routestring=$1 [L,QSA] AddOutputFilterByType DEFLATE application/atom+xml \ text/javascript \ application/x-javascript \ application/javascript \ application/json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml ExpiresActive On ExpiresByType application/x-javascript A1209600 ExpiresByType text/javascript A1209600 ExpiresByType application/javascript A1209600 ExpiresByType text/css A31536000 ExpiresByType image/x-icon A2592000 ExpiresByType image/icon A2592000 ExpiresByType application/x-ico A2592000 ExpiresByType application/ico A2592000 ExpiresByType image/gif A2592000 ExpiresByType image/jpeg A1209600 ExpiresByType image/jpg A1209600 ExpiresByType image/png A1209600 ExpiresByType application/x-shockwave-flash A1209600 ExpiresByType font/ttf A2592000 ExpiresByType font/otf A2592000 ExpiresByType font/x-woff A2592000 ExpiresByType image/svg+xml A2592000 ExpiresByType font/truetype A2592000 ExpiresByType font/opentype A2592000 ExpiresByType application/x-font-woff A2592000 ExpiresByType application/vnd.ms-fontobject A2592000 Header set Connection keep-alive Header set Cache-Control "max-age=2592000, public" Header set Cache-Control "max-age=1209600, public" Header set Cache-Control "max-age=2592000, public" Header set Cache-Control "max-age=31536000, public" Header set Cache-Control "max-age=1209600, public" # Don't allow other sites to frame in your content. If you do need to frame the # forums in on another host you will need to remove or change this line. Header always append X-Frame-Options sameorigin #don't allow some files that shouldn't really be present to be directly accessed. #note that attachements should never be directly accessed by the webserver because #we have permissions on the that are checked in the PHP code. Require all denied