-
Notifications
You must be signed in to change notification settings - Fork 0
/
.htaccess.sample
37 lines (29 loc) · 1.22 KB
/
.htaccess.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
Header always setifempty Cross-Origin-Resource-Policy "same-site"
RewriteEngine On
RewriteBase /
# OPTION 1 REFFERER WHITELIST
# Add your own domains to the referrer whitelist.
RewriteCond %{HTTP_REFERER} !^https://([a-z0-9A-Z_-]*\.)?example\.invalid/ [NC]
# END
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteRule .*\.png$ - [F]
# OPTION 2 FETCH METADATA
RewriteCond %{HTTP_SEC_FETCH_SITE} !^(|same-site|same-origin)$ [NC]
RewriteCond %{HTTP_SEC_FETCH_MODE} !^(|no-cors)$ [NC]
RewriteCond %{HTTP_SEC_FETCH_DEST} !^(|image)$ [NC]
RewriteRule .*\.png$ - [F]
# disallow access to no_backup store (or any other storage directory for all tiles)
RewriteCond %{REQUEST_URI} ^/no_backup/
RewriteRule .* - [F,L]
# Download non-cached tiles
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} ^/([a-z]+)/([0-9]+)/([0-9]+)/([0-9]+)\.png$
RewriteRule . /tile.php?layer=%1&x=%3&y=%4&z=%2 [L,QSA,E=TILE_DOWNLOAD:1]
RewriteCond %{ENV:REDIRECT_TILE_DOWNLOAD} ^$
RewriteRule ^tile.php - [F,L]
# Block access to important files
RewriteRule ^config.php - [F,L]
RewriteRule ^cron.php - [F,L]
# Enable browser caching. See also TILECACHE_BROWSER_CACHE_DAYS in config.php which has to be in sync!
ExpiresActive On
ExpiresByType image/png "access plus 14 day"