WP Rocket htaccess cache code

Home Forums BulletProof Security Free WP Rocket htaccess cache code

Tagged: 

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #25437
    Mariette
    Participant

    Hello

    My current (pre BPS) htaccess file already has extra code in it generated by theWP Rocket plugin. This is it: Could you please tell me where I should put this?

    # BEGIN WP Rocket v2.6.11
    # Use UTF-8 encoding for anything served text/plain or text/html
    AddDefaultCharset UTF-8
    # Force UTF-8 for a number of file formats
    <IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    </IfModule>
    
    # FileETag None is not enough for every server.
    <IfModule mod_headers.c>
    Header unset ETag
    </IfModule>
    
    # Since we're sending far-future expires, we don't need ETags for static content.
    # developer.yahoo.com/performance/rules.html#etags
    FileETag None
    
    <IfModule mod_alias.c>
    <FilesMatch "\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$">
    <IfModule mod_headers.c>
    Header set X-Powered-By "WP Rocket/2.6.11"
    Header unset Pragma
    Header append Cache-Control "public"
    Header unset Last-Modified
    </IfModule>
    </FilesMatch>
    
    <FilesMatch "\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$">
    <IfModule mod_headers.c>
    Header unset Pragma
    Header append Cache-Control "public"
    </IfModule>
    </FilesMatch>
    </IfModule>
    
    # Expires headers (for better cache control)
    <IfModule mod_expires.c>
    ExpiresActive on
    
    # Perhaps better to whitelist expires rules? Perhaps.
    ExpiresDefault                          "access plus 1 month"
    
    # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
    ExpiresByType text/cache-manifest       "access plus 0 seconds"
    
    # Your document html
    ExpiresByType text/html                 "access plus 0 seconds"
    
    # Data
    ExpiresByType text/xml                  "access plus 0 seconds"
    ExpiresByType application/xml           "access plus 0 seconds"
    ExpiresByType application/json          "access plus 0 seconds"
    
    # Feed
    ExpiresByType application/rss+xml       "access plus 1 hour"
    ExpiresByType application/atom+xml      "access plus 1 hour"
    
    # Favicon (cannot be renamed)
    ExpiresByType image/x-icon              "access plus 1 week"
    
    # Media: images, video, audio
    ExpiresByType image/gif                 "access plus 1 month"
    ExpiresByType image/png                 "access plus 1 month"
    ExpiresByType image/jpeg                "access plus 1 month"
    ExpiresByType video/ogg                 "access plus 1 month"
    ExpiresByType audio/ogg                 "access plus 1 month"
    ExpiresByType video/mp4                 "access plus 1 month"
    ExpiresByType video/webm                "access plus 1 month"
    
    # HTC files  (css3pie)
    ExpiresByType text/x-component          "access plus 1 month"
    
    # Webfonts
    ExpiresByType application/x-font-ttf    "access plus 1 month"
    ExpiresByType font/opentype             "access plus 1 month"
    ExpiresByType application/x-font-woff   "access plus 1 month"
    ExpiresByType application/x-font-woff2  "access plus 1 month"
    ExpiresByType image/svg+xml             "access plus 1 month"
    ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    
    # CSS and JavaScript
    ExpiresByType text/css                  "access plus 1 year"
    ExpiresByType application/javascript    "access plus 1 year"
    
    </IfModule>
    
    # Gzip compression
    <IfModule mod_deflate.c>
    # Active compression
    SetOutputFilter DEFLATE
    # Force deflate for mangled headers
    <IfModule mod_setenvif.c>
    <IfModule mod_headers.c>
    SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
    RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
    # Don't compress images and other uncompressible content
    SetEnvIfNoCase Request_URI \
    \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g)$ no-gzip dont-vary
    </IfModule>
    </IfModule>
    
    # Compress all output labeled with one of the following MIME-types
    <IfModule mod_filter.c>
    AddOutputFilterByType DEFLATE application/atom+xml \
    		                          application/javascript \
    		                          application/json \
    		                          application/rss+xml \
    		                          application/vnd.ms-fontobject \
    		                          application/x-font-ttf \
    		                          application/xhtml+xml \
    		                          application/xml \
    		                          font/opentype \
    		                          image/svg+xml \
    		                          image/x-icon \
    		                          text/css \
    		                          text/html \
    		                          text/plain \
    		                          text/x-component \
    		                          text/xml
    </IfModule>
    <IfModule mod_headers.c>
    Header append Vary: Accept-Encoding
    </IfModule>
    </IfModule>
    
    <IfModule mod_mime.c>
    AddType text/html .html_gzip
    AddEncoding gzip .html_gzip
    </IfModule>
    <IfModule mod_setenvif.c>
    SetEnvIfNoCase Request_URI \.html_gzip$ no-gzip
    </IfModule>
    
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTPS} on
    RewriteRule .* - [E=WPR_SSL:-https]
    RewriteCond %{SERVER_PORT} ^443$
    RewriteRule .* - [E=WPR_SSL:-https]
    RewriteCond %{HTTP:Accept-Encoding} gzip
    RewriteRule .* - [E=WPR_ENC:_gzip]
    RewriteCond %{REQUEST_METHOD} GET
    RewriteCond %{QUERY_STRING} =""
    RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_|wp-postpass_|wptouch_switch_toggle|comment_author_|comment_author_email_) [NC]
    RewriteCond %{REQUEST_URI} !^(.*/feed/?)$ [NC]
    RewriteCond %{HTTP_USER_AGENT} !^(facebookexternalhit).* [NC]
    RewriteCond "%{DOCUMENT_ROOT}/wp/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}.html%{ENV:WPR_ENC}" -f
    RewriteRule .* "/wp/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}.html%{ENV:WPR_ENC}" [L]
    </IfModule>
    # END WP Rocket

    many thanks
    Mariette

    #25438
    Mariette
    Participant

    [topic has been merged into this similar topic]
    Hi
    My pre BPS htaccess file included the following code:

    <ifModule mod_headers.c> 
    Header set Connection keep-alive 
    </ifModule>

    Could you confirm where this should go please. Also, it seems that the existing htaccess file is not modified by the BPS plugin – it is still as it was before I installed BPS and activated the secure option – is that right?

    thanks
    Mariette

    #25441
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    Updated 6-19-2017: Complete manual WP Rocket setup steps.

    1. BPS Pro: Turn off AutoRestore.
    2. BPS Pro: Go to F-Lock and unlock both your Root .htaccess file and your wp-config.php file.
    2. BPS free: Go to the htaccess File Editor page, click the Unlock htaccess File button and click the Turn Off AutoLock button.
    3. Go to the WP Rocket Settings page and resave all of your WP Rocket settings.
    4. Go to the htaccess File Editor tab page > Your Current Root htaccess File tab > Copy the WP Rocket .htaccess code from your root htaccess file to this BPS Pro Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE.
    5. Click the Save Root Custom Code button.
    6. BPS Pro: Go to F-Lock and select the Lock Root .htaccess file option. Select Checking and Alerts Off option for the wp-config.php file and click the Save Options button.
    6. BPS free: Go to the htaccess File Editor page, click the Lock htaccess File button and click the Turn On AutoLock button.
    7. BPS Pro: Re-run the Pre-Installation Wizard and Setup Wizard.
    7. BPS free: Re-run the Setup Wizard.
    ____________________________
    You can combine your additional Header set Connection keep-alive code into your WP Rocket htaccess cache code.  You should check with the WP Rocket folks to make sure this is ok and not going to cause a problem for WP Rocket.

    <IfModule mod_headers.c>
    Header unset ETag
    Header set Connection keep-alive 
    </IfModule>

    BPS creates new htaccess files. You use BPS Custom Code to combine any old htaccess code into your new BPS htaccess files. See the Custom Code video tutorial for additional info:  http://forum.ait-pro.com/video-tutorials/#custom-code Also the Read Me help buttons contain help information about whichever BPS plugin page and section you are on.

    #25451
    Mariette
    Participant

    Thank you very much for your super-speedy response.

    I have one follow-up question on this. In the past when WP Rocket updates to a new version the htaccess file code is also automatically updated. Will this continue to happen with the BPS custom code or will I need to change the BPS code manually when I upgrade Rocket?

    many thanks again
    Mariette

    #25453
    AITpro Admin
    Keymaster

    I cannot answer that question entirely because I do not know how WP Rocket works and what its capabilities are and what type of error checking WP Rocket does.  You would have to ask the WP Rocket folks any specific questions about how WP Rocket works.  If you leave your root htaccess file unlocked then any/every plugin that writes htaccess code to the root htaccess file can update the root htaccess file with new code.  If a plugin has the capability to unlock, write or update new code and relock the root htaccess file again like BPS and BPS Pro then you could leave the root htaccess file locked and WP Rocket would still be able to automatically update the root htaccess code with any new code.  You would need to ask the WP Rocket folks any specific questions about how WP Rocket works.  If WP Rocket automatically updates the root htaccess file with new code then you should also copy that new htaccess code to BPS Custom Code.

    #25454
    Mariette
    Participant

    THank you – I’ll do as you suggest and ask WP Rocket.

    I really appreciate your quick responses.
    all the best
    Mariette

    #30024
    Pako
    Participant

    Hi
    @ Mariette
    I’m also using WP Rocket and trying BPS.
    Did you ask WP Rocket team about that?
    I do not see myself changing htaccess wp rocket rules at each new version of wp rocket… 🙁
    Thanks

    #30035
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    @ Pako – You would just do these steps here:  http://forum.ait-pro.com/forums/topic/wp-rocket-plugin-htaccess-code-where-to-put-it/#post-25441  I doubt that WP Rocket will change their htaccess code in the future and if they did then hopefully they would do some sort of check to alert you about that change, which is a standard thing with both the BPS free and Pro versions.

    #30036
    Pako
    Participant

    hey 😉

    Before install BPS I have disabled WP Rocket.
    I reactivated WP Rocket and, great…, all the Wp Rocket rules have been wrote into my root .htaccess 🙂
    I suppose it was possible because I do not have locked my htaccess?
    “if they did then hopefully they would do some sort of check to alert you about that change”
    I hope so…

    EDIT: I tried to lock .htaccess and cool… I haw a warning from WP Rocket :

    “If you have write permissions on the .htaccess file, WP Rocket could do this automatically. This is not the case, here are the rewrite rules that you have to insert at the beginning of your .htaccess file”

    #30037
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    Yes, if your Root htaccess file is not locked than any plugin or anything can write to your Root htaccess file.  If you want to save code that is written to your Root htaccess file permanently then use BPS Custom Code.

    #30038
    Pako
    Participant

    Yes thanks, I have just edit my previous post here

Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.