Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

.htaccess for opencart issues

Discussion in 'General Discussion' started by canou83, Sep 21, 2017.

  1. canou83

    canou83 Well-Known Member

    Joined:
    Jul 20, 2016
    Messages:
    74
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    France
    cPanel Access Level:
    Website Owner
    Good evening, since our passage in protocol ssl / https on some of our sites, we record decreases in connections.

    If people want to check our .htaccess for error or optimization

    Code:
    # 1.To use URL Alias you need to be running apache with mod_rewrite enabled.
    
    # 2. In your opencart directory rename htaccess.txt to .htaccess.
    
    # For any support issues please visit: http://www.opencart.com
    
    # Specify a Default Charset
    AddDefaultCharset utf-8
    
    Options +FollowSymlinks
    
    # Prevent Directoy listing
    Options -Indexes
    
    # Prevent Direct Access to files
    <FilesMatch "(?i)((\.tpl|\.ini|\.log))">
    Require all denied
    ## For apache 2.2 and older, replace "Require all denied" with these two lines :
    # Order deny,allow
    # Deny from all
    </FilesMatch>
    
    # If your OpenCart installation does not run on the main web folder, make sure your folder is one it does run in, e.g., / becomes /shop/
    RewriteEngine On
    RewriteBase /
    
    # force www and https
        RewriteCond %{HTTP_HOST}  ^mysite\.com$ [OR]
        RewriteCond %{HTTPS}  off
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^(.*)$  https://www.mysite.com/$1  [R=301,L]
    # from this point on, any RewriteRule must use https for the protocol and www. in the domain
    
    # SEO URL Settings
        RewriteCond  %{REQUEST_URI}  ^                     
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^sitemap.xml$ index.php?route=feed/google_sitemap [L]
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^googlebase.xml$ index.php?route=feed/google_base [L]
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^system/storage/download/(.*) index.php?route=error/not_found [L]
     # if not a real file or directory, and not certain filetypes, send to index.php with _route_ set
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^(.*)$ index.php?_route_=$1 [L,QSA]
        
     # if at the end, Query String contains "common/home", redirect to index.php root instead
        RewriteCond %{QUERY_STRING} ^(.*)common/home(.*)$
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
        RewriteRule ^index\.php$ https://www.mysite.com/? [R=301,L]
    
    # Enable Gzip Compression
    AddOutputFilterByType DEFLATE text/text
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    
    ## EXPIRES CACHING ##
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/ico "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/x-javascript "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 2 days"
    </IfModule>
    ## EXPIRES CACHING ##
    
    # Les expires headers
    <IfModule mod_expires.c>
    # Enable expirations
    ExpiresActive On
    # Default directive
    ExpiresDefault "access plus 1 month"
    # My favicon
    ExpiresByType image/x-icon "access plus 1 year"
    # Images
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/webp "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    # CSS
    ExpiresByType text/css "access plus 1 month"
    # Javascript
    ExpiresByType application/javascript "access plus 1 year"
    </IfModule>
    
    # Disable server signature (Security)
    ServerSignature Off
    Header unset Etag
    FileETag none
    
    # Increase cookie security (Security)
    <IfModule php5_module>
        php_value session.cookie_httponly true
    </IfModule>
    
    # HTTP Response Headers
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-XSS-Protection 1;mode=block
    Header set X-Content-Type-Options nosniff
    
    # Webfont access
    <IfModule mod_headers.c>
        <FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
            Header set Access-Control-Allow-Origin "*"
        </FilesMatch>
    </IfModule>
    
    # Force latest IE rendering engine
    <IfModule mod_headers.c>
        Header set X-UA-Compatible "IE=Edge,chrome=1"
            # mod_headers can't match by content-type, but we don't want to this header on everything
            <FilesMatch "\.(js|css|gif|png|jpeg|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
                Header unset X-UA-Compatible
            </FilesMatch>
    </IfModule>
    
    # Instructs the proxies to cache two versions of the resource: one compressed, and one uncompressed.
    <IfModule mod_headers.c>
      <FilesMatch "\.(js|css|xml|gz)$">
        Header append Vary: Accept-Encoding
      </FilesMatch>
    </IfModule>
    
    # CORS-enabled images (@crossorigin)
    <IfModule mod_setenvif.c>
        <IfModule mod_headers.c>
            <FilesMatch "\.(gif|png|jpeg|svg|svgz|ico|webp)$">
                SetEnvIf Origin ":" IS_CORS
                Header set Access-Control-Allow-Origin "*" env=IS_CORS
            </FilesMatch>
        </IfModule>
    </IfModule>
    
    <Files 403.shtml>
    order allow,deny
    allow from all
    </Files>
    
    ### Additional Settings that may need to be enabled for some servers
    ### Uncomment the commands by removing the # sign in front of it.
    ### If you get an "Internal Server Error 500" after enabling any of the following settings, restore the # as this means your host doesn't allow that.
    
    # 1. If your cart only allows you to add one item at a time, it is possible register_globals is on. This may work to disable it:
    # php_flag register_globals off
    
    # 2. If your cart has magic quotes enabled, This may work to disable it:
    # php_flag magic_quotes_gpc Off
    
    # 3. Set max upload file size. Most hosts will limit this and not allow it to be overridden but you can try
    # php_value upload_max_filesize 999M
    
    # 4. set max post size. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
    # php_value post_max_size 999M
    
    # 5. set max time script can take. uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
    # php_value max_execution_time 200
    
    # 6. set max time for input to be recieved. Uncomment this line if you have a lot of product options or are getting errors where forms are not saving all fields
    # php_value max_input_time 200
    
    # 7. disable open_basedir limitations
    # php_admin_value open_basedir none
    deny from 203.133.169.230
    
    # php -- BEGIN cPanel-generated handler, do not edit
    # Définissez le package « ea-php56 » comme langage de programmation « PHP » par défaut.
    <IfModule mime_module>
      AddType application/x-httpd-ea-php56 .php .php5 .phtml
    </IfModule>
    # php -- END cPanel-generated handler, do not edit
    
    Thanks a lot
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. canou83

    canou83 Well-Known Member

    Joined:
    Jul 20, 2016
    Messages:
    74
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    France
    cPanel Access Level:
    Website Owner
    Hi, Any
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you elaborate on this response? It looks like it was cut off.

    Thank you.
     
  5. canou83

    canou83 Well-Known Member

    Joined:
    Jul 20, 2016
    Messages:
    74
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    France
    cPanel Access Level:
    Website Owner
    Sorry. No error.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Your access level shows as "Website Owner". Do you have root access to this server?

    Thank you.
     
  7. canou83

    canou83 Well-Known Member

    Joined:
    Jul 20, 2016
    Messages:
    74
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    France
    cPanel Access Level:
    Website Owner
    Yes via WHM
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look?

    Thank you.
     
  9. canou83

    canou83 Well-Known Member

    Joined:
    Jul 20, 2016
    Messages:
    74
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    France
    cPanel Access Level:
    Website Owner
    Hi, could you explain why you ask me to get a ticket, then I just ask if my .htaccess is correct according to you?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    This is the part we'd need to investigate, as you mentioned there are no corresponding entries in the error logs, and I don't see anything that stands out in your .htaccess file.

    Thank you.
     
Loading...

Share This Page