_htaccess

# $Id$ [This line is used to check that this configuration file is up
#  to date. Do not edit this line and leave it as the first line.]
#
# These are suggested configuration directives for use with Tiki.
# They enhance security and permit clean URLs.
# In your Tiki instance, visit tiki-admin.php?page=sefurl to make Tiki use clean URLs in generated links.
#
# The .htaccess file may be enabled in number of different ways (in order of the most to the least recommended):
# Option 1: Let the installer handle it.
# Option 2: Create a symbolic link from .htaccess to _htaccess. This will keep the configuration up-to-date.
# Option 3: Copy _htaccess to .htaccess. Note : Do not move (rename) _htaccess, it is required (used internally) by some Tiki features (like SEFURL).
# Option 4: Add the content of this file to your httpd.conf.
# The last two options should be repeated when the reference _htaccess file changes (when upgrading Tiki).
#
# DEVELOPERS: This configuration must be kept synchronized with the configuration for other Web servers.
# See http://dev.tiki.org/Operating+System+independence#Keep_web.config_and_.htaccess_synchronized

# -- Prevent Reading of Certain File Extensions -- #
<FilesMatch "\.(bak|inc|lib|sh|tpl|sql)$">
    <IfModule mod_authz_core.c>
       Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        order deny,allow
        deny from all
    </IfModule>
</FilesMatch>
<FilesMatch "(changelog.txt|_htaccess)$">
    <IfModule mod_authz_core.c>
       Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        order deny,allow
        deny from all
    </IfModule>
</FilesMatch>

<IfModule mod_dir.c>
    # -- Home Page Feature -- #
    # Option 1: (recommended) Not using home page feature.
	DirectoryIndex index.php

	# Option 2: If using home page feature you may avoid the home page name being appended to the url by using this option.
	#DirectoryIndex tiki-index.php index.php
</IfModule>

# -- Ensure Caching Proxy Sends Content to Correct Client -- #
# In some distributions of Apache (e.g. Wampserver 2.5) you may also need to enable mod_filter as well for this to work.
#<IfModule mod_filter.c>
<IfModule mod_deflate.c>
	<IfModule mod_headers.c>
		# Make sure proxies don't deliver the wrong content.
		Header append Vary User-Agent env=!dont-vary
	</IfModule>
	AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
	<IfModule mod_mime.c>
		# DEFLATE by extension.
		AddOutputFilter DEFLATE js css htm html xml svg
	</IfModule>
</IfModule>
#</IfModule>

# -- Client Cache Method -- #
# Google wants either Last-Modified or ETag. Using ETags will improve the YSlow scores.
# Option 1: recommended
FileETag none

<IfModule mod_headers.c>
    # Option 2:
    #Header unset ETag

    # -- Client Cache Expiration -- #
    # Google suggests to use Expires in favour of Cache-Control.
    # Option 1: (recommended)
    Header unset Cache-Control

    #Option 2:
    #Header unset Expires

    # -- Persistent Connections -- #
    # Allow multiple requests to be sent over the same TCP connection. Enable if you serve a lot of static content
    # but, be aware of the possible disadvantages!
    # Read more: http://httpd.apache.org/docs/current/en/mod/core.html#keepalive
    #Header set Connection Keep-Alive

    # -- CORS-enabled Images (@crossorigin) --
    # Send CORS headers if browsers request them; enabled by default for images.
    # Read more: developer.mozilla.org/en/CORS_Enabled_Image
    # Read more: blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
    # Read more: hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/
    # Read more: wiki.mozilla.org/Security/Reviews/crossoriginAttribute
    <IfModule mod_setenvif.c>
    # Mod_headers, y u no match by Content-Type?!
        <FilesMatch "(?i)\.(gif|png|jpe?g|svgz?|ico)$">
            SetEnvIf Origin ":" IS_CORS
            Header set Access-Control-Allow-Origin "*" env=IS_CORS
        </FilesMatch>
    </IfModule>

    # -- Webfont Access -- #
    # Allow access from all domains for webfonts.
    # Alternatively you could whitelist your subdomains like "subdomain.example.com".
    <FilesMatch "(?i)\.(ttf|ttc|otf|eot|woff2?|css|js)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>

</IfModule>

# -- Expires Headers -- #
# If the site is in active development, you may want to comment out this section.
<IfModule mod_expires.c>
	<FilesMatch "(?i)\.(gif|png|jpe?g|svgz?|ico)$">
		ExpiresActive on
		ExpiresDefault "access plus 1 month"
	</FilesMatch>
	<FilesMatch "(?i)\.(js|css)$">
		ExpiresActive on
		ExpiresDefault "access plus 1 month"
	</FilesMatch>
</IfModule>

<IfModule mod_rewrite.c>

    # More information: http://doc.tiki.org/Rewrite+Rules
    RewriteEngine On

    # -- Tiki Root -- #
    # You need to customize the RewriteBase value below if Tiki is installed in a subdirectory of your web root.
    # The value needs to match the subdirectory name that Tiki is installed in.
    # You will get errors otherwise. e.g. "The requested URL /absolutepath/tiki-index.php was not found on this server"
    #RewriteBase   /tiki

    # -- Redirect Missing Directories To Homepage -- #
    # Prevent broken pages and slow upload times. e.g., try yourdomain.com/bogus/ or yourdomain.com/tiki/bogus/
    # The below may not work in all configurations depending on redirects already in place.

    # If directories containing other programs are legitimate (e.g. when Tiki is installed in a subdirectory), then modify and enable the following line.
    #RewriteCond %{REQUEST_URI} !(^/otherokaydirectory/)

    # If Tiki is installed in the web root and your home page is named HomePage, then enable this.
    #RewriteRule ^(.+[^/])/$  /HomePage [R=301,L]

    # If Tiki is installed in a subdirectory of the web root, then customize and enable it below.
    #RewriteRule ^(.+[^/])/$  /tiki/HomePage [R=301,L]

    # -- Legacy Template Image Locations -- #
    # Since Tiki9, image locations have changed. If your custom template links to these images enabling these
    # options may fix your broken images.
    # The preferred solution is to change the directory paths in your custom template.
    # Read more: http://dev.tiki.org/ImgDirectoryRevamp
    #RewriteRule ^img/icons2/(.*)$ img/icons/$1
    #RewriteRule ^pics/large/(.*)$ img/icons/large/$1
    #RewriteRule ^img/mytiki/(.*)$ img/icons/large/$1
    #RewriteRule ^pics/(.*)$ img/$1
    #RewriteRule ^images/(.*)$ img/icons/$1

    # -- Apache Authorization Header -- #
    # Rewrite rules for passing authorization with Apache running in CGI or FastCGI mode
    RewriteCond %{HTTP:Authorization} ^(.*)
    RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

    # -- SVN Checkout Enabled Tiki -- #
    # Prevents reading of SVN specific files, if your website is using this. (Development only normally)
    RewriteRule	.*/\.svn/.*	-	[F,L]

    # -- If the URL Points to a File Then do Nothing -- #
    RewriteCond %{REQUEST_FILENAME} -s [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule (.*) - [L]

    # -- Profiles Repository -- #
    # Set the parentId (here set as 1) to the Id of the category containing your profile pages.
    # Enable feature_wiki_export, feature_wiki and feature_categories in your Tiki settings.
    # Enable tiki_p_view_category and tiki_p_export_wiki in Tiki for anonymous to be a repository.
    # Read more: http://doc.tiki.org/Profiles
    #RewriteRule ^profiles$             tiki-browse_categories.php?find=&deep=on&type=wiki+page&parentId=1&sort_mode=name_asc&plain&maxRecords=1000000 [L]

    # -- Plain Text Sitemap SEO -- #
    # Makes a short link to a list of objects to export as a plain text sitemap.
    # Set the parentId (here set as 2) to the id of a category containing the objects you wish to be
    # crawled by search engines.
    #RewriteRule ^sitemap.txt$          tiki-browse_categories.php?find=&deep=on&type=wiki+page&parentId=2&sort_mode=name_asc&links&maxRecords=1000000 [L]

	# -- RSS Feeds -- #
	# Example rewrite rule to use the search as a simple RSS feed
	#RewriteRule feed-(.*)\.rss         tiki-searchindex.php?httpaccept=application\%2Frss\%2Bxml&filter~content=$1  [QSA,L]

    # -- Tiki URL Rewriting -- #
    # Read more: https://dev.tiki.org/URL+Rewriting+Revamp
    RewriteRule .*                     route.php                                [L]

    # -- Tiki Username Link -- #
    # Option 1: Exact Match.
    # Access a link to any user by providing its username e.g www.yourtiki.me/u:myusername.
    #RewriteRule ^u:([A-Za-z0-9]+)       tiki-view_tracker_item.php?user=$1&view=+user           [QSA,L]

    # Option 2: String Match.
    # Adapt with your user tracker id and user selector field id
    #RewriteRule ^u:([A-Za-z0-9]+)       tiki-view_tracker.php?trackerId=1&filterfield=3&filtervalue\[3\]=$1           [QSA,L]

</IfModule>

# -- Prevent Directory Browsing -- #
# Recommended if you do not use it (you will know if you do).
#Options -Indexes

# -- Developer cTag Blocking -- #
# This prevents reading of tags file for developers who run ctags on their server.
#<Files tags>
#    <IfModule mod_authz_core.c>
#       Require all denied
#    </IfModule>
#    <IfModule !mod_authz_core.c>
#        order deny,allow
#        deny from all
#    </IfModule>
#</Files>

# -- Web Server Auth -- #
# Option 1: recommended
#AuthType Basic
#AuthName "Restricted Access"
#AuthUserFile /etc/httpd/passwords
#Require valid-user

# Option 2: Allows services that POST back to Tiki, but less secure.
#<Limit GET>
#	Require valid-user
#</Limit>

# -- Apache Error Handling -- #
# Tiki can catch some errors and deal with them by redirecting to a similar page, sending you to the
# search, etc. However, some errors do not reach Tiki and are only caught by Apache (ex.: filenameThatDoesntExist.php).
# To make Tiki handle errors caught by Apache, uncomment some of the following lines and adapt the page names.
# You must create the pages before trying to use them.
#ErrorDocument 404 /tiki-index.php?page=File+not+found
#ErrorDocument 500 /tiki-index.php?page=Server+error

# -- Permanent Redirects -- #
# This is useful if you were using another Web application or static HTML and you want to avoid broken links.
#Redirect 301 /oldpage.html /tiki-index.php?page=newpage

# -- Force PHP Version -- #
# Tiki requires PHP5.6 - PHP7. If your host doesn't run one of these by default, it's possible that it can
# be activated by trying to enable it here.  Check with your host.
# Option 1: PHP5
#AddType application/x-httpd-php5 .php
#AddHandler application/x-httpd-php5 .php

# Option 2: PHP7
#AddType application/x-httpd-php7 .php
#AddHandler application/x-httpd-php7 .php

# -- Pass User/Object Information to Server Logs -- #
#SetEnv TIKI_HEADER_REPORT_ID tikiwiki
#SetEnv TIKI_HEADER_REPORT_USER on
#SetEnv TIKI_HEADER_REPORT_OBJECT on
#SetEnv TIKI_HEADER_REPORT_EVENTS on

# -- PHP Settings -- #
# If possible, it's better to change the following settings through your php.ini file, or through your webhosting control panel.
# Some web hosts will not allow you to change these setting through the .htaccess file.

# To activate the error display, uncomment the following line.
# Read more http://php.net/manual/en/errorfunc.configuration.php#ini.display-errors
#php_flag display_errors on

# To set the error_reporting level, uncomment the following line.
# Read more: http://php.net/manual/en/errorfunc.configuration.php#ini.error-reporting
#php_value error_reporting E_ALL

# Increase memory limit (default is 128M). Use this if you are getting blank pages and/or strange errors.
# Read more: http://php.net/manual/en/ini.core.php#ini.memory-limit
#php_value memory_limit 256M

# Increase execution time.
# Default value in Apache used to be 30, and in some cases of long wiki pages with many plugins it may take longer.
# Read more: http://php.net/manual/en/info.configuration.php#ini.max-execution-time
#php_value max_execution_time 90

# This sets the maximum time in seconds a script is allowed to parse input data, like POST and GET.
#php_value max_input_time 90

# Increase the maximum file size for uploads allowed by PHP.
# Default value in Apache used to be 2M which is usually too low for PDF or documents with some images, screenshots, etc.
# Read more: http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
# Read more: http://php.net/manual/en/ini.core.php#ini.post-max-size
#php_value upload_max_filesize 10M
#php_value post_max_size 11M

# In some cases you may see open_basedir warnings about Smarty accessing PHP files that it shouldn't.
# The following line (uncommented) will reset the include path to use only Tiki's files which will solve this in most cases.
#php_value include_path "."

# Some features like assigning perms to a group with a name containing a quote will not work without this.
#php_flag magic_quotes_gpc off

# Set a character set
#php_value default_charset utf-8

# Timezone
# Needed for dates and times to work properly in PHP.
# Option 1: recommended
#php_value date.timezone "America/New_York"

# Option 2: Set the apache environment variable
#SetEnv TZ America/New_York