I am trying to configure my .htaccess file to set the cache time. Tryied every possible configuration but nothing works!
This is what is written in my HTML:
<meta http-equiv="Cache-Control" content="max-age=2592000, public" />
<!--
<meta http-equiv="expires" content="mon, 24 sep 2012 14:30:00 GMT">
-->
and this is what written in my .htaccess file:
ExpiresActive On
ExpiresDefault A3600
However, when I refresh inclusind cache clear (ctrl+F5) in firefox, my firebug NET panel says that the cache expires at the same second I have accessed the file ( and not in the future, as I want it to be).
What am I doing wrong??
Thanks
I advise you to use headers mod. You can activate it (if disabled) with this command :
a2enmod headers
Here is a simple code example that works:
<IfModule mod_headers.c>
# WEEK
<FilesMatch "\.(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
# WEEK
<FilesMatch "\.(js|css|swf)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
</IfModule>
max-age is cached time in seconds.
Related
I have this error from W3C Tool...
I changed my code from
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
to
<meta http-equiv="X-UA-Compatible" content="IE=edge">
but the tools still show me the same error message...
I found the solution...
I must change this in .htaccess file too...
Hum, I have changed it in the HTML files but doesn't work, When I fixed it in .htaccees file it works, very strange :)
Old code:
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=Edge,chrome=1"
<FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
New code:
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=Edge"
<FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
And everything is working perfect now :)
I'm new to CORS and have learnt that the OPTIONS preflight request sent by the browser excludes user credentials.
How do I get the filter (in httpd.conf) to respond to OPTIONS requests differently, i.e bypassing the authentication ?
This is my current configuration :
<LocationMatch /api>
SetEnvIfNoCase Origin "https://(www\.)?(domain1\.com|domain2\.com)(:\d+)?$" AccessControlAllowOrigin=$0
Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "GET,POST,DELETE,OPTIONS"
Header set Access-Control-Allow-Headers "Accept, Authorization, Origin, Content-Type"
AuthFormProvider ldap
AuthLDAPURL "ldap://localhost:10889/ou=Users,dc=work,dc=com?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
Require valid-user
ErrorDocument 401 /login.html
ErrorDocument 500 /error.html
AuthType form
AuthName realm
Session On
SessionMaxAge 1800
SessionDBDCookieName session path=/
ProxyPass http://localhost:8080 timeout=31536000
AuthFormFakeBasicAuth On
</LocationMatch>
And the javascript which makes the request :
$.ajax({
type : "DELETE",
url : "https://www.domain1.com/api",
xhrFields: {
withCredentials: true,
},
success : function(data){
},
});
I've tried the follwoing but with no luck :
(a)
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}]
(b)
<Limit OPTIONS>
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Credentials "false"
Header always set Access-Control-Allow-Headers "Accept, Authorization, Origin, Content-Type"
Header always set Access-Control-Allow-Methods "GET,POST,DELETE,OPTIONS,PUT"
</Limit>
(c)
<Limit OPTIONS>
Allow for all
</Limit>
(d)
SetEnvIfNoCase Request_Method OPTIONS allowed
Any idea ? Please help !
I had the same issue which I solved today with the help of this question. Basically your option c.
My conf structure is:
conf/httpd.conf <- normal stuff
conf.d/ssl.conf <- set up ssl stuff
conf.d/api.conf <- set specific stuff to api like Auth
/var/www/.htaccess <- set specific stuff to api again
This allows for limiting everything except for OPTIONS
/conf.d/api.conf file:
<Directory "/var/www/api">
AllowOverride All
Options FollowSymLinks
<LimitExcept OPTIONS>
Auth stuff here
Mainly your Require statements
</LimitExcept>
</Directory>
Then in my .htaccess file I set the headers.
The Apache manual in the require directive states "Access controls which are applied in this way are effective for all methods. This is what is normally desired. If you wish to apply access controls only to specific methods, while leaving other methods unprotected, then place the Require statement into a <Limit> [or <LimitExcept>] section."
I had to make sure my application could handle OPTIONS as this setup is not doing an automatic return. Here or here one can see how to redirect which may work instead of having something in the application handle it.
We have a desktop and a mobile version of our webapp.
The desktop url is more prominent and so we would like to redirect the user to the mobile version in case the request is for the desktop url from a mobile device.
In the apache config we have the mod_rewrite module
and my config at present looks like this
<IfModule mod_rewrite>
RewriteEngine On
RewriteCond %{x-wap-profile} ^https?://
RewriteRule ^/(.*) http://google.com [L,R]
</IfModule>
At this point this is the only rewrite rule that we have so I'm not sure if L is required because this is the first and last rule anyway.
I have just indicated redirection to google.com for testing purposes
I'm not sure if my condition check is right.I couldn't figure out how to check for existence of a header.Is that what is wrong?If yes,please let me know how to specify the RewriteCond
How I'm Testing?
I'm testing from a Firefox browser and using the Modify headers plugin to simulate the mobile request.I'm adding the x_wap_profile header.
However I don't see any redirect happening with this config.Can you please let me know where I'm going wrong?I would also appreciate if there is any logging that can be introduced here to verify if this rule is being trigerred.I don't see any errors though with the current modified config.
To check for an arbitrary header in mod_rewrite (i.e. a header not in this list), the syntax is:
RewriteCond %{HTTP:x-wap-profile}
This one seems to work:
RewriteEngine On
RewriteCond %{HTTP:x-wap-profile} ^.+
RewriteRule .* http://google.com [L,R]
piotrek#piotrek-Vostro-2520:~/vhosts/localhost$ curl http://localhost/
OKOK
piotrek#piotrek-Vostro-2520:~/vhosts/localhost$ curl -H 'x-wap-profile: abcd' http://localhost/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved here.</p>
<hr>
<address>Apache/2.4.6 (Ubuntu) Server at localhost Port 80</address>
</body></html>
Change it to make it work for https inside header.
Docs here: http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond in section Other things you should be aware of:.
Haven't some issues with the cross-browsers with the icon replacement fonts on Firefox, currently only show-up the content text but not the icomoon text replacement. Source code shown from code Sass + Magento + .htaccess, any idea or help would be much appreciated.
Website:
http://www.phoebessecret.co.nz
Had done .htaccess rewrite:
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
AddType application/vnd.ms-fontobject eot
AddType font/truetype ttf
AddType font/opentype otf
AddType application/x-font-woff woff
<FilesMatch ".(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Origin "http://www.phoebessecret.co.nz"
Header set Access-Control-Allow-Origin "http://skin.phoebessecret.co.nz"
Header set Access-Control-Allow-Origin "http://js.phoebessecret.co.nz"
Header set Access-Control-Allow-Origin "http://media.phoebessecret.co.nz"
</IfModule>
</FilesMatch>
CSS:
#font-face {
font-family: 'topshops';
src:url('../fonts/topshops.eot');
src:url('../fonts/topshops.eot?#iefix') format('embedded-opentype'),
url('../fonts/topshops.svg#topshops') format('svg'),
url('../fonts/topshops.woff') format('woff'),
url('../fonts/topshops.ttf') format('truetype');
font-weight: normal;
font-style: normal;}
.icon-fonts {
font-family: 'topshops';
font-style: normal;
speak: none;
-webkit-font-smoothing: antialiased;
font-smoothing: antialiased;
text-rendering: optimizeLegibility;
font-weight: 400;
}
.iconsearch {
content: "\61";
}
Try to add this to your .htaccess file.
It should fix your issue. It fixed mine.
<FilesMatch ".(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
I was having issues with icomoon and Firefox as well. Have you tried Paul Irish's 'bulletproof' #font-face syntax? It's a little different than what icomoon outputs and I've had better luck with it - no FF issues since.
#font-face {
font-family: 'Graublau Web';
src: url('GraublauWeb.eot?') format('eot'), url('GraublauWeb.woff') format('woff'), url('GraublauWeb.ttf') format('truetype');
}
I had the same problem (with a Wordpress installation), icomoon icons were not showing in Firefox. Chrome, Safari, IE worked fine.
After the Site was up and running, the client asked me to include www to the url, instead of just http://. So I changed the blog Adress, but not the Wordpress Adress (in the Wordpress Dashboard). Suddenly all Icomoon Icons were gone. After adding www to the Wordpress address, the icons were back.
There are two things you may try. I used both and it worked for me.
Use full links in in your CSS file to reference icomoon. Your .htaccess may be rewriting the URL. Secondly add the following in .htaccess file just as webkub pointed out.
<FilesMatch ".(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
If you're running IIS, you'd want to modify your web.config and probably add the httpProtocol section as shown below:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
I'm dealing with a Magento site that has a 3rd party CMS integration. When I enable Mod_deflate via the .htaccess file most of the site works well. All of the pages that pull the information from the CMS show "gobbledy-gook" and it apprears that what is supposed to apprear is not getting decompressed.
I'm attempting to simply exclude parts of the site that employ the CMS from compression (including the home page), however, I'm not sure if I can exclude urls from mod_deflate via SetEnvIfNoCase. A yea, nea or syntax help would be appreciated.
Here are my lines:
SetEnvIfNoCase Request_URI "(/site/*)" no-gzip dont-vary #exclude www.example.com/site/
SetEnvIfNoCase Request_URI "(/)" no-gzip dont-vary #only exclude homepage or index.php
So here is the solution. If you need to gzip your site, but for some reason parts of your site don't react well to gzip compression - such as the 3rd party CMS integration with Magento. Enable mod-Deflate in your .htaccess file and include this line:
SetEnvIf Request_URI ^/yourdir(.*) no-gzip dont-vary
yourdir being the directory where your cms is installed.
From my reading of the Apache docs you would want
SetEnvIf
not
SetEnvIfNoCase
AllInOne, would the correct syntax be?:
SetEnvIf Request_URI "(/site/*)" no-gzip dont-vary
SetEnvIf Request_URI "(/)" no-gzip dont-vary