Nützliche htaccess-Einstellungen

Sicherheit

Einbinden der Webseite innerhalb einer anderen Domain verhindern:

Header append X-FRAME-OPTIONS "SAMEORIGIN"

In den meisten aktuellen Browsern den Cross-Site-Scripting (XSS)-Filter aktivieren:

Header set X-XSS-Protection "1; mode=block"

Internet Explorer und Google Chrome verbieten nach weiteren möglichen MIME-Types zu suchen:

Header set X-Content-Type-Options "nosniff"

SEO-Optimierung

Standard Zeichensatz im Header ausgeben:

AddDefaultCharset utf-8

301-Weiterleitung:

Redirect 301 /dokument-alt.html http://www.domain.de/dokument-neu.html

Zu eigenen Fehlerseiten umleiten:

ErrorDocument 400 http://www.domain.de/fehlerseite-400.html
ErrorDocument 401 http://www.domain.de/fehlerseite-401.html
ErrorDocument 403 http://www.domain.de/fehlerseite-403.html
ErrorDocument 404 http://www.domain.de/fehlerseite-404.html
ErrorDocument 500 http://www.domain.de/fehlerseite-500.html

HTTP Status Response Codes:

Informational

  • 100 – Continue
  • 101 – Switching Protocols

Successful

  • 200 – OK
  • 201 – Created
  • 202 – Accepted
  • 203 – Non-Authoritative Information
  • 204 – No Content
  • 205 – Reset Content
  • 206 – Partial Content

Redirection

  • 300 – Multiple Choices
  • 301 – Moved Permanently
  • 302 – Found
  • 303 – See Other
  • 304 – Not Modified
  • 305 – Use Proxy
  • 307 – Temporary Redirect

Client Error

  • 400 – Bad Request
  • 401 – Unauthorized
  • 402 – Payment Required
  • 403 – Forbidden
  • 404 – Not Found
  • 405 – Method Not Allowed
  • 406 – Not Acceptable
  • 407 – Proxy Authentication Required
  • 408 – Request Timeout
  • 409 – Conflict
  • 410 – Gone
  • 411 – Length Required
  • 412 – Precondition Failed
  • 413 – Request Entity Too Large
  • 414 – Request-URI Too Long
  • 415 – Unsupported Media Type
  • 416 – Requested Range Not Satisfiable
  • 417 – Expectation Failed

Server Error

  • 500 – Internal Server Error
  • 501 – Not Implemented
  • 502 – Bad Gateway
  • 503 – Service Unavailable
  • 504 – Gateway Timeout
  • 505 – HTTP Version Not Supported

Pagespeed-Optimierung

GZIP-Komprimierung aktivieren:

AddEncoding gzip .gz
<filesmatch "\.js\.gz$">
AddType "text/javascript" .gz
</filesmatch>
<filesmatch "\.css\.gz$">
AddType "text/css" .gz
</filesmatch>
<ifmodule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME} \.(js|css)$
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^(.*)$ $1.gz [QSA,L]
</ifmodule>

Webseiten-Komprimierung aktivieren:

<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/atom_xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/x-shockwave-flash
</IfModule>

Cache des Browsers nutzen:

<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault "access plus 1 month"
# My favicon
ExpiresByType image/x-icon "access plus 1 year”
# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
# CSS
ExpiresByType text/css "access 1 month”
# Javascript
ExpiresByType application/javascript "access plus 1 year"
# Data interchange
ExpiresByType application/json                      "access plus 0 seconds"
ExpiresByType application/xml                       "access plus 0 seconds"
ExpiresByType text/xml                              "access plus 0 seconds"
# HTML
ExpiresByType text/html                             "access plus 0 seconds"
# Manifest files
ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
ExpiresByType text/cache-manifest                   "access plus 0 seconds"
</IfModule>

Inhalte Komprimieren nach Dateiendungen:

<IfModule mod_headers.c>
<FilesMatch ".(js|css|xml|gz|html)$">
Header append Vary: Accept-Encoding
</FilesMatch>
</IfModule>

Programmierer, Webentwickler, Technik-Freak ...

nach oben