Home › aery › Insightful
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Badges
aery • Gtricks Forum in 2.1 :) • ✭✭✭
Google lovers, here is the place for you - http://forum.gtricks.com/
About
- Username
- aery
- Joined
- Visits
- 847
- Last Active
- Roles
- Member, Developer
- Points
- 281
- Badges
- 16
Reactions
-
Best htaccess practices for scurity and performance
Recently, there was a thread about tightening vanilla security. So I thought I will share mine htaccess with you guys so everyone can benefit -
1) Open .htaccess file from forum root folder in any text editor
2) **Add ** below changes that suites you -
# ---------------------------------------------------------------------- # Better website experience for IE users # ---------------------------------------------------------------------- # Force the latest IE version, in various cases when it may fall back to IE7 mode # Use ChromeFrame if it's installed for a better experience for the poor IE folk <IfModule mod_headers.c> Header set X-UA-Compatible "IE=Edge,chrome=1" # mod_headers can't match by content-type, but we don't want to send this header on *everything*... <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$"> Header unset X-UA-Compatible </FilesMatch> </IfModule> # ---------------------------------------------------------------------- # Gzip compression # ---------------------------------------------------------------------- <IfModule mod_deflate.c> # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/ <IfModule mod_setenvif.c> <IfModule mod_headers.c> SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding </IfModule> </IfModule> # Compress all output labeled with one of the following MIME-types # (for Apache versions below 2.3.7, you don't need to enable `mod_filter` # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines as # `AddOutputFilterByType` is still in the core directives) <IfModule mod_filter.c> AddOutputFilterByType DEFLATE application/atom+xml \ application/javascript \ application/json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml </IfModule> </IfModule> # ---------------------------------------------------------------------- # Expires headers (for better cache control) # ---------------------------------------------------------------------- # These are pretty far-future expires headers. # They assume you control versioning with filename-based cache busting # Additionally, consider that outdated proxies may miscache # www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/ # If you don't use filenames to version, lower the CSS and JS to something like # "access plus 1 week". <IfModule mod_expires.c> ExpiresActive on # Perhaps better to whitelist expires rules? Perhaps. ExpiresDefault "access plus 1 month" # cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5) ExpiresByType text/cache-manifest "access plus 0 seconds" # Your document html ExpiresByType text/html "access plus 0 seconds" # Data ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # Feed ExpiresByType application/atom+xml "access plus 1 hour" ExpiresByType application/rss+xml "access plus 1 hour" # Favicon (cannot be renamed) ExpiresByType image/x-icon "access plus 1 week" # Media: images, video, audio ExpiresByType audio/ogg "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" ExpiresByType video/ogg "access plus 1 month" ExpiresByType video/webm "access plus 1 month" # HTC files (css3pie) ExpiresByType text/x-component "access plus 1 month" # Webfonts ExpiresByType application/vnd.ms-fontobject "access plus 1 month" ExpiresByType application/x-font-ttf "access plus 1 month" ExpiresByType application/x-font-woff "access plus 1 month" ExpiresByType font/opentype "access plus 1 month" ExpiresByType image/svg+xml "access plus 1 month" # CSS and JavaScript ExpiresByType application/javascript "access plus 1 year" ExpiresByType text/css "access plus 1 year" </IfModule> # ---------------------------------------------------------------------- # Prevent mobile network providers from modifying your site # ---------------------------------------------------------------------- # The following header prevents modification of your code over 3G on some # European providers. # This is the official 'bypass' suggested by O2 in the UK. # <IfModule mod_headers.c> # Header set Cache-Control "no-transform" # </IfModule> # ---------------------------------------------------------------------- # ETag removal # ---------------------------------------------------------------------- # FileETag None is not enough for every server. <IfModule mod_headers.c> Header unset ETag </IfModule> # Since we're sending far-future expires, we don't need ETags for # static content. # developer.yahoo.com/performance/rules.html#etags FileETag None # ---------------------------------------------------------------------- # Suppress or force the "www." at the beginning of URLs # ---------------------------------------------------------------------- # The same content should never be available under two different URLs - # especially not with and without "www." at the beginning, since this can cause # SEO problems (duplicate content). That's why you should choose one of the # alternatives and redirect the other one. # By default option 1 (no "www.") is activated. # no-www.org/faq.php?q=class_b # If you'd prefer to use option 2, just comment out all option 1 lines # and uncomment option 2. # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME! # ---------------------------------------------------------------------- # Option 1: # Rewrite "www.example.com -> example.com". <IfModule mod_rewrite.c> RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] </IfModule> # ---------------------------------------------------------------------- # Option 2: # Rewrite "example.com -> www.example.com". # Be aware that the following rule might not be a good idea if you use "real" # subdomains for certain parts of your website. # <IfModule mod_rewrite.c> # RewriteCond %{HTTPS} !=on # RewriteCond %{HTTP_HOST} !^www\..+$ [NC] # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] # </IfModule>
-
Is it possible to create a user sumbmitted photo gallery like this?
For wordpress we use this -
`function catch_that_image() { global $post, $posts; $first_img = ''; ob_start(); ob_end_clean(); $output = preg_match_all('/<img.+src=\'"[\'"].*>/i', $post->post_content, $matches); $first_img = $matches[1][0];
if(empty($first_img)) { $first_img = "/path/to/default.png"; } return $first_img; }`
I think its easy to replicate at vanilla
-
Installed 2.1, but posts are nowhere to be found?
@Zhaan thats the right thing to do.
-
New Vanilla 2.1 theme in Making
-
Great theme, how to make quotes stand out?
@peripatew you are right. Quote will be visible to registered members.
You can add top padding to
.DataList .Metaclass in custom css likepadding-top: 10px;To push comment text down, you have to
replaceaddpadding-top:padding: 20pxto class.MessageList .Messagein custom.css
