add comprehensive .htaccess configuration for production deployment

- Update Apache documentation with complete .htaccess examples for both root and subdirectory deployments - Include configuration examples for subpath deployments (e.g., /pdf/)
2026-01-14 22:05:16 +05:30
parent abf7ae8a00
commit 531e1ad1c6
3 changed files with 251 additions and 39 deletions
--- a/.htaccess
+++ b/.htaccess
@@ -0,0 +1,139 @@
+RewriteEngine On
+RewriteBase /
+
+# ============================================
+# 1. SECURITY HEADERS (UPDATED FOR CDN COMPATIBILITY)
+# ============================================
+<IfModule mod_headers.c>
+Header always set X-Frame-Options "SAMEORIGIN"
+Header always set X-Content-Type-Options "nosniff"
+Header always set X-XSS-Protection "1; mode=block"
+Header always set Referrer-Policy "strict-origin-when-cross-origin"
+Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
+Header always set Cross-Origin-Opener-Policy "same-origin"
+Header always set Cross-Origin-Embedder-Policy "require-corp"
+</IfModule>
+
+# ============================================
+# 2. BROWSER CACHING
+# ============================================
+<IfModule mod_expires.c>
+ExpiresActive On
+ExpiresByType image/jpeg "access plus 1 year"
+ExpiresByType image/png "access plus 1 year"
+ExpiresByType image/gif "access plus 1 year"
+ExpiresByType image/webp "access plus 1 year"
+ExpiresByType image/svg+xml "access plus 1 year"
+ExpiresByType image/x-icon "access plus 1 year"
+ExpiresByType font/woff2 "access plus 1 year"
+ExpiresByType font/woff "access plus 1 year"
+ExpiresByType font/ttf "access plus 1 year"
+ExpiresByType text/css "access plus 1 month"
+ExpiresByType application/javascript "access plus 1 month"
+ExpiresByType application/wasm "access plus 1 year"
+ExpiresByType application/gzip "access plus 1 year"
+ExpiresByType text/html "access plus 0 seconds"
+</IfModule>
+
+# ============================================
+# 3. COMPRESSION (STANDARD)
+# ============================================
+SetEnvIfNoCase Request_URI "\.gz$" no-gzip
+SetEnvIfNoCase Request_URI "\.br$" no-gzip
+SetEnvIfNoCase Request_URI "\.wasm$" no-gzip
+
+<IfModule mod_deflate.c>
+AddOutputFilterByType DEFLATE text/plain
+AddOutputFilterByType DEFLATE text/html
+AddOutputFilterByType DEFLATE text/xml
+AddOutputFilterByType DEFLATE text/css
+AddOutputFilterByType DEFLATE application/xml
+AddOutputFilterByType DEFLATE application/xhtml+xml
+AddOutputFilterByType DEFLATE application/rss+xml
+AddOutputFilterByType DEFLATE application/javascript
+AddOutputFilterByType DEFLATE application/x-javascript
+AddOutputFilterByType DEFLATE application/json
+AddOutputFilterByType DEFLATE image/svg+xml
+AddOutputFilterByType DEFLATE font/woff
+AddOutputFilterByType DEFLATE font/ttf
+</IfModule>
+
+# ============================================
+# 4. MIME TYPES & SPECIAL FILE HANDLING
+# ============================================
+AddType application/javascript .js .mjs
+AddType application/wasm .wasm
+AddType font/woff2 .woff2
+AddType font/woff .woff
+AddType image/webp .webp
+
+<FilesMatch "soffice\.wasm\.gz$">
+ForceType application/wasm
+Header set Content-Encoding "gzip"
+Header set Cross-Origin-Resource-Policy "cross-origin"
+Header append Vary Accept-Encoding
+</FilesMatch>
+
+<FilesMatch "soffice\.data\.gz$">
+ForceType application/octet-stream
+Header set Content-Encoding "gzip"
+Header append Vary Accept-Encoding
+</FilesMatch>
+
+# ============================================
+# 5. REDIRECTS & ROUTING
+# ============================================
+# Canonical WWW
+RewriteCond %{HTTP_HOST} ^bentopdf\.com [NC]
+RewriteRule ^(.*)$ https://www.bentopdf.com/$1 [L,R=301]
+
+# Force HTTPS
+RewriteCond %{HTTPS} off
+RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+# Remove trailing slash (except for language root directories)
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_URI} !^/(de|es|zh|zh-TW|vi|it|id|tr|fr|pt)/$
+RewriteCond %{REQUEST_URI} (.+)/$
+RewriteRule ^ %1 [R=301,L]
+
+# Existing files/dirs - serve directly
+RewriteCond %{REQUEST_FILENAME} -f [OR]
+RewriteCond %{REQUEST_FILENAME} -d
+RewriteRule ^ - [L]
+
+# ============================================
+# 5.1. LANGUAGE ROUTES (MUST BE BEFORE .html extension rule)
+# ============================================
+# English prefix redirects to root
+RewriteRule ^en/?$ / [R=301,L]
+RewriteRule ^en/(.+)$ /$1 [R=301,L]
+
+# Language prefix root (e.g., /de/ -> /de/index.html)
+RewriteCond %{DOCUMENT_ROOT}/$1/index.html -f
+RewriteRule ^(de|es|zh|zh-TW|vi|it|id|tr|fr|pt)/?$ /$1/index.html [L]
+
+# Language prefix with path (e.g., /de/merge-pdf -> /de/merge-pdf.html)
+RewriteCond %{DOCUMENT_ROOT}/$1/$2.html -f
+RewriteRule ^(de|es|zh|zh-TW|vi|it|id|tr|fr|pt)/([^/]+)/?$ /$1/$2.html [L]
+
+# ============================================
+# 5.5. DOCS ROUTING (VitePress)
+# ============================================
+RewriteCond %{REQUEST_URI} ^/docs
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME}\.html -f
+RewriteRule ^(.*)$ $1.html [L]
+
+# ============================================
+# 6. ADD .HTML EXTENSION IF FILE EXISTS (ROOT LEVEL ONLY)
+# ============================================
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_FILENAME}.html -f
+RewriteRule ^([^/]+)$ $1.html [L]
+
+# ============================================
+# 7. ERROR PAGES
+# ============================================
+ErrorDocument 404 /404.html