ServerName ready.amstires.com DocumentRoot /var/www/amstireswp # #AuthType Basic #AuthName "AMSTires Staging" #AuthUserFile "/etc/apache2/users/htpasswd" #AuthGroupFile /dev/null #Require user amsEditor cron #Require ip 127.0.0.1 ::1 #Satisfy Any # Require all granted Order Allow,Deny Allow from All # Require all Allow Options -Indexes +FollowSymLinks ##Wordpress base rewrite rule to enable page slugs RewriteEngine On # XSS protection RewriteCond %{QUERY_STRING} (\<|%3C).*(script|iframe|object).*(\>|%3E) [NC] RewriteRule ^(.*)$ /index.php [R,L,QSD] # Cross-site Tracing protection RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* / [F,R,QSD] # Asset pathing RewriteCond %{REQUEST_URI} ^/wp-content/uploads.* RewriteCond %{QUERY_STRING} ^..*$ RewriteRule ^wp-content/uploads(.*) http://rdy-asset/wp/amstires/wp-content/uploads$1 [P,L] RewriteRule ^index\.html$ - [L] # Pathing for WP API and Admin RewriteRule ^(wp-json.*) /index.php/$1 [L] RewriteRule ^wp-admin/admin-ajax.php.* wp-admin/admin-ajax.php [QSA,L] RewriteRule ^(/wp-admin.*) /index.php/$1 [QSA,L] # For any remaining non-files, non-directories... RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.html [L] # More XSS protection for Chrome, IE # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection Header set X-XSS-Protection "1; mode=block" # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Frame-Options Header always append X-Frame-Options SAMEORIGIN # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Content-Type-Options Header set X-Content-Type-Options nosniff ProxyPass http://rdy-asset/wp/amstires/wp-content/uploads ProxyPassReverse http://rdy-asset/wp/amstires/wp-content/uploads ProxyPass http://clst-camel/mediator-service/dm/12/ps Require all granted Include "/var/www/configs/amstireswp/amstires-var.conf" SetEnv WP_SITEURL "https://ready.amstires.com" SetEnv WP_HOME "https://ready.amstires.com" SetEnv WPENV "ready" SetEnv MEDIATOR_PATH "http://be-clst-camel/mediator-service/dm/12/" SetEnv NEW_MEDIATOR_PATH "http://be-clst-camel/mediator-service/api/v1/dm/12/" SetEnv WPSVCENV rdy SetEnv WPDBHOST stg-mysql.lemanscorp.com ServerName ready.amstires.com DocumentRoot /var/www/amstireswp # #AuthType Basic #AuthName "AMSTires Staging" #AuthUserFile "/etc/apache2/users/htpasswd" #AuthGroupFile /dev/null #Require user amsEditor cron #Require ip 127.0.0.1 ::1 #Satisfy Any # SSLEngine on SSLCertificateFile /etc/letsencrypt/live/ready.amstires.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/ready.amstires.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/ready.amstires.com/chain.pem Require all granted Order Allow,Deny Allow from All # Require all Allow Options -Indexes +FollowSymLinks ##Wordpress base rewrite rule to enable page slugs RewriteEngine On # XSS protection RewriteCond %{QUERY_STRING} (\<|%3C).*(script|iframe|object).*(\>|%3E) [NC] RewriteRule ^(.*)$ /index.php [R,L,QSD] # Cross-site Tracing protection RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* / [F,R,QSD] # Asset pathing RewriteCond %{REQUEST_URI} ^/wp-content/uploads.* RewriteCond %{QUERY_STRING} ^..*$ RewriteRule ^wp-content/uploads(.*) http://rdy-asset/wp/amstires/wp-content/uploads$1 [P,L] RewriteRule ^index\.html$ - [L] # Pathing for WP API and Admin RewriteRule ^(wp-json.*) /index.php/$1 [L] RewriteRule ^wp-admin/admin-ajax.php.* wp-admin/admin-ajax.php [QSA,L] RewriteRule ^(/wp-admin.*) /index.php/$1 [QSA,L] # For any remaining non-files, non-directories... RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.html [L] # More XSS protection for Chrome, IE # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection Header set X-XSS-Protection "1; mode=block" # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Frame-Options Header always append X-Frame-Options SAMEORIGIN # Ref. for the following rule: https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Content-Type-Options Header set X-Content-Type-Options nosniff ProxyPass http://rdy-asset/wp/amstires/wp-content/uploads ProxyPassReverse http://rdy-asset/wp/amstires/wp-content/uploads ProxyPass http://clst-camel/mediator-service/dm/12/ps Require all granted Include "/var/www/configs/amstireswp/amstires-var.conf" SetEnv WP_SITEURL "https://ready.amstires.com" SetEnv WP_HOME "https://ready.amstires.com" SetEnv WPENV "ready" SetEnv MEDIATOR_PATH "http://be-clst-camel/mediator-service/dm/12/" SetEnv NEW_MEDIATOR_PATH "http://be-clst-camel/mediator-service/api/v1/dm/12/" SetEnv WPSVCENV rdy SetEnv WPDBHOST stg-mysql.lemanscorp.com