magento
diff --git a/‎.htaccess
+12-190 b/‎.htaccess
+12-190
@@ -1,212 +1,43 @@
-############################################
-## overrides deployment configuration mode value
-## use command bin/magento deploy:mode:set to switch modes
-
-#   SetEnv MAGE_MODE developer
-
-############################################
-## uncomment these lines for CGI mode
-## make sure to specify the correct cgi php binary file name
-## it might be /cgi-bin/php-cgi
-
-#    Action php5-cgi /cgi-bin/php5-cgi
-#    AddHandler php5-cgi .php
-
-############################################
-## GoDaddy specific options
-
-#   Options -MultiViews
-
-## you might also need to add this line to php.ini
-##     cgi.fix_pathinfo = 1
-## if it still doesn't work, rename php.ini to php5.ini
-
-############################################
-## this line is specific for 1and1 hosting
-
-    #AddType x-mapp-php5 .php
-    #AddHandler x-mapp-php5 .php
-
-############################################
-## default index file
-
-    DirectoryIndex index.php
-
+# All explanations you could find in .htaccess.sample file
+DirectoryIndex index.php
 <IfModule mod_php5.c>
-
-############################################
-## adjust memory limit
-
     php_value memory_limit 768M
     php_value max_execution_time 18000
-
-############################################
-## disable automatic session start
-## before autoload was initialized
-
     php_flag session.auto_start off
-
-############################################
-## enable resulting html compression
-
-    #php_flag zlib.output_compression on
-
-###########################################
-## disable user agent verification to not break multiple image upload
-
     php_flag suhosin.session.cryptua off
-
 </IfModule>
-
 <IfModule mod_php7.c>
-
-############################################
-## adjust memory limit
-
     php_value memory_limit 768M
     php_value max_execution_time 18000
-
-############################################
-## disable automatic session start
-## before autoload was initialized
-
     php_flag session.auto_start off
-
-############################################
-## enable resulting html compression
-
-    #php_flag zlib.output_compression on
-
-###########################################
-## disable user agent verification to not break multiple image upload
-
     php_flag suhosin.session.cryptua off
-
 </IfModule>
-
 <IfModule mod_security.c>
-###########################################
-## disable POST processing to not break multiple image upload
-
     SecFilterEngine Off
     SecFilterScanPOST Off
 </IfModule>
-
-<IfModule mod_deflate.c>
-
-############################################
-## enable apache served files compression
-## http://developer.yahoo.com/performance/rules.html#gzip
-
-    # Insert filter on all content
-    ###SetOutputFilter DEFLATE
-    # Insert filter on selected content types only
-    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
-
-    # Netscape 4.x has some problems...
-    #BrowserMatch ^Mozilla/4 gzip-only-text/html
-
-    # Netscape 4.06-4.08 have some more problems
-    #BrowserMatch ^Mozilla/4\.0[678] no-gzip
-
-    # MSIE masquerades as Netscape, but it is fine
-    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
-
-    # Don't compress images
-    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
-
-    # Make sure proxies don't deliver the wrong content
-    #Header append Vary User-Agent env=!dont-vary
-
-</IfModule>
-
 <IfModule mod_ssl.c>
-
-############################################
-## make HTTPS env vars available for CGI mode
-
     SSLOptions StdEnvVars
-
 </IfModule>
-
-############################################
-## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
-## Please, set it on virtual host configuration level
-
-##    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
-############################################
-
 <IfModule mod_rewrite.c>
-
-############################################
-## enable rewrites
-
     Options +FollowSymLinks
     RewriteEngine on
-
-############################################
-## you can put here your magento root folder
-## path relative to web root
-
-    #RewriteBase /magento/
-
-############################################
-## workaround for HTTP authorization
-## in CGI environment
-
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
-############################################
-## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
-
     RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
     RewriteRule .* - [L,R=405]
-
-############################################
-## redirect for mobile user agents
-
-    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
-    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
-    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
-
-############################################
-## never rewrite for existing files, directories and links
-
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteCond %{REQUEST_FILENAME} !-l
-
-############################################
-## rewrite everything else to index.php
-
     RewriteRule .* index.php [L]
-
 </IfModule>
-
-
-############################################
-## Prevent character encoding issues from server overrides
-## If you still have problems, use the second line instead
-
     AddDefaultCharset Off
-    #AddDefaultCharset UTF-8
-
+    AddType 'text/html; charset=UTF-8' html
 <IfModule mod_expires.c>
-
-############################################
-## Add default Expires header
-## http://developer.yahoo.com/performance/rules.html#expires
-
     ExpiresDefault "access plus 1 year"
     ExpiresByType text/html A0
     ExpiresByType text/plain A0
-
 </IfModule>
-
-###########################################
-## Deny access to root files to hide sensitive application information
-    RedirectMatch 404 /\.git
-
+    RedirectMatch 403 /\.git
     <Files composer.json>
         order allow,deny
         deny from all
@@ -243,10 +74,6 @@
         order allow,deny
         deny from all
     </Files>
-    <Files CONTRIBUTOR_LICENSE_AGREEMENT.html>
-        order allow,deny
-        deny from all
-    </Files>
     <Files COPYING.txt>
         order allow,deny
         deny from all
@@ -280,19 +107,14 @@
         deny from all
     </Files>
     <Files magento_umask>
-            order allow,deny
-            deny from all
+        order allow,deny
+        deny from all
     </Files>
-
-################################
-## If running in cluster environment, uncomment this
-## http://developer.yahoo.com/performance/rules.html#etags
-
-    #FileETag none
-
-############################################
-## Add custom headers
+ErrorDocument 404 /pub/errors/404.php
+ErrorDocument 403 /pub/errors/404.php
 <IfModule mod_headers.c>
-    Header set X-Content-Type-Options "nosniff"
-    Header set X-XSS-Protection "1; mode=block"
+    Header set X-UA-Compatible "IE=edge"
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
+        Header unset X-UA-Compatible
+    </FilesMatch>
 </IfModule>