Nützliche htaccess-Einstellungen
Sicherheit
Einbinden der Webseite innerhalb einer anderen Domain verhindern:
Header append X-FRAME-OPTIONS "SAMEORIGIN"
In den meisten aktuellen Browsern den Cross-Site-Scripting (XSS)-Filter aktivieren:
Header set X-XSS-Protection "1; mode=block"
Internet Explorer und Google Chrome verbieten nach weiteren möglichen MIME-Types zu suchen:
Header set X-Content-Type-Options "nosniff"
SEO-Optimierung
Standard Zeichensatz im Header ausgeben:
AddDefaultCharset utf-8
301-Weiterleitung:
Redirect 301 /dokument-alt.html http://www.domain.de/dokument-neu.html
Zu eigenen Fehlerseiten umleiten:
ErrorDocument 400 http://www.domain.de/fehlerseite-400.html ErrorDocument 401 http://www.domain.de/fehlerseite-401.html ErrorDocument 403 http://www.domain.de/fehlerseite-403.html ErrorDocument 404 http://www.domain.de/fehlerseite-404.html ErrorDocument 500 http://www.domain.de/fehlerseite-500.html
HTTP Status Response Codes:
Informational
- 100 – Continue
- 101 – Switching Protocols
Successful
- 200 – OK
- 201 – Created
- 202 – Accepted
- 203 – Non-Authoritative Information
- 204 – No Content
- 205 – Reset Content
- 206 – Partial Content
Redirection
- 300 – Multiple Choices
- 301 – Moved Permanently
- 302 – Found
- 303 – See Other
- 304 – Not Modified
- 305 – Use Proxy
- 307 – Temporary Redirect
Client Error
- 400 – Bad Request
- 401 – Unauthorized
- 402 – Payment Required
- 403 – Forbidden
- 404 – Not Found
- 405 – Method Not Allowed
- 406 – Not Acceptable
- 407 – Proxy Authentication Required
- 408 – Request Timeout
- 409 – Conflict
- 410 – Gone
- 411 – Length Required
- 412 – Precondition Failed
- 413 – Request Entity Too Large
- 414 – Request-URI Too Long
- 415 – Unsupported Media Type
- 416 – Requested Range Not Satisfiable
- 417 – Expectation Failed
Server Error
- 500 – Internal Server Error
- 501 – Not Implemented
- 502 – Bad Gateway
- 503 – Service Unavailable
- 504 – Gateway Timeout
- 505 – HTTP Version Not Supported
Pagespeed-Optimierung
GZIP-Komprimierung aktivieren:
AddEncoding gzip .gz
<filesmatch "\.js\.gz$">
AddType "text/javascript" .gz
</filesmatch>
<filesmatch "\.css\.gz$">
AddType "text/css" .gz
</filesmatch>
<ifmodule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME} \.(js|css)$
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^(.*)$ $1.gz [QSA,L]
</ifmodule>
Webseiten-Komprimierung aktivieren:
<IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/atom_xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/x-shockwave-flash </IfModule>
Cache des Browsers nutzen:
<IfModule mod_expires.c> # Enable expirations ExpiresActive On # Default directive ExpiresDefault "access plus 1 month" # My favicon ExpiresByType image/x-icon "access plus 1 year” # Images ExpiresByType image/gif "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" # CSS ExpiresByType text/css "access 1 month” # Javascript ExpiresByType application/javascript "access plus 1 year" # Data interchange ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # HTML ExpiresByType text/html "access plus 0 seconds" # Manifest files ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" ExpiresByType text/cache-manifest "access plus 0 seconds" </IfModule>
Inhalte Komprimieren nach Dateiendungen:
<IfModule mod_headers.c> <FilesMatch ".(js|css|xml|gz|html)$"> Header append Vary: Accept-Encoding </FilesMatch> </IfModule>