# # This is the .htaccess file. It redirects Apache requests to the proper place. # If you're not using Apache, you'll need to adapt it to your HTTP server. # # @package Wedge # @copyright 2010 René-Gilles Deberdt, wedge.org # @license http://wedge.org/license/ # @author see contributors.txt # # Don't allow access to the Settings.php no matter what. Order Deny,Allow Deny from all Allow from localhost # Unencrypted avatars should be cached for a very long time. Header set Expires "Thu, 21 March 2025 03:42:00 GMT" # Setting PHP variables is only supported in mod_php. If using PHP as CGI, edit php.ini instead. # Apache 2 uses php_value # PHP has to be running for Wedge to work, of course. php_value engine 1 ############### Security ############### # Using cookies for sessions is much more secure. php_value session.use_cookies 1 # If it is really necessary, Wedge will do this - and it does it better. php_value session.use_trans_sid 0 # This is generally a bad thing to have on unless you need it on. php_value register_globals 0 # This setting goes against Wedge's expectations on secure request variables. php_value magic_quotes_sybase 0 ############ Functionality ############# # If the session is automatically started, output compression may not work. php_value session.auto_start 0 # A longer session length is preferrable when posting long messages. php_value session.gc_maxlifetime 2880 # Wedge expects these options to be set normally. (They almost always are.) php_value session.save_handler "files" php_value session.serialize_handler "php" # URL-based sessions are used if cookies aren't available to the client. php_value session.use_only_cookies 0 # With this on, you can use the plugin manager among other things. php_value allow_url_fopen 1 # This is here just for validation, although it isn't really used. php_value arg_separator.output "&" # This sets a larger upload file size. php_value upload_max_filesize "4M" ############# Optimization ############# # If PHP does this, Wedge won't have to redo it. php_value arg_separator.input "&;" # There's no need to do these two, since Wedge doesn't use them. php_value always_populate_raw_post_data 0 php_value register_argc_argv 0 # Magic quotes suck. Die. Forever. php_value magic_quotes_gpc 0 # This is a really bad setting for connections, and is best off just generally. php_value implicit_flush 0 # Apache 1 uses php_flag php_flag engine on ############### Security ############### php_flag session.use_cookies on php_flag session.use_trans_sid off php_flag register_globals off php_flag magic_quotes_sybase off ############ Functionality ############# php_flag session.auto_start off php_value session.gc_maxlifetime 2880 php_value session.save_handler "files" php_value session.serialize_handler "php" php_flag session.use_only_cookies off php_flag allow_url_fopen on php_value arg_separator.output "&" php_value upload_max_filesize "4M" ############# Optimization ############# php_value arg_separator.input "&;" php_flag always_populate_raw_post_data off php_flag register_argc_argv off php_flag magic_quotes_gpc off php_flag implicit_flush off # Ensures that accessing your forum root with "/" instead of "/index.php" will work. # Superceded by the Pretty URLs rule below, anyway. DirectoryIndex index.php # Pretty URLs = 2.2.16> FallbackResource /index.php RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php [L] RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php [L]