Skip to content

Commit

Permalink
Release v6.0.0
Browse files Browse the repository at this point in the history
  • Loading branch information
LeoColomb committed Dec 5, 2022
1 parent f650cb5 commit 14d8af4
Show file tree
Hide file tree
Showing 3 changed files with 162 additions and 125 deletions.
27 changes: 22 additions & 5 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,27 @@
### 6.0.0 (December 5, 2022)

* 🎉 Significant improvement on `Cache-Control` definition and usage
* `Cache-Control` boilerplate with extensive control
[https://github.com/h5bp/server-configs-apache/pull/325]
* Reorder and improve cache expiration `ExpiresByType` map
[https://github.com/h5bp/server-configs-apache/pull/326]
* Add a notice for directory index with pre-compressed content
[https://github.com/h5bp/server-configs-apache/pull/311]
* Drop `image/avif-sequence` MIME type
[https://github.com/h5bp/server-configs-apache/pull/316]
* Improve inline comments.

### 5.1.0 (May 9, 2022)

* Extend default, media and font cache TTL to 1 year [[5df6946](https://github.com/h5bp/server-configs-apache/commit/5df69464885605ded1f4b0ef04cb84f1b8bd8010)]
* Support `ETags` at server level [[7956cbc](https://github.com/h5bp/server-configs-apache/commit/7956cbcecd33c20f13357284f3f355c658755115)]
* Add `image/x-icon` compression support [[69ddeda](https://github.com/h5bp/server-configs-apache/commit/69ddeda3781762eb2aba8b5152f2e9d2fa56c90a)]
* Improve module checks validations [[cb8ef1b](https://github.com/h5bp/server-configs-apache/commit/cb8ef1be06a93d43db6dc525005e2638b8ef687b])]
* Improve inline comments
* Extend default, media and font cache TTL to 1 year
[[5df6946](https://github.com/h5bp/server-configs-apache/commit/5df69464885605ded1f4b0ef04cb84f1b8bd8010)]
* Support `ETags` at server level
[[7956cbc](https://github.com/h5bp/server-configs-apache/commit/7956cbcecd33c20f13357284f3f355c658755115)]
* Add `image/x-icon` compression support
[[69ddeda](https://github.com/h5bp/server-configs-apache/commit/69ddeda3781762eb2aba8b5152f2e9d2fa56c90a)]
* Improve module checks validations
[[cb8ef1b](https://github.com/h5bp/server-configs-apache/commit/cb8ef1be06a93d43db6dc525005e2638b8ef687b])]
* Improve inline comments.

### 5.0.0 (July 31, 2021)

Expand Down
258 changes: 139 additions & 119 deletions dist/.htaccess
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Apache Server Configs v5.1.0 | MIT License
# Apache Server Configs v6.0.0 | MIT License
# https://github.com/h5bp/server-configs-apache

# (!) Using `.htaccess` files slows down Apache, therefore, if you have
Expand Down Expand Up @@ -160,8 +160,7 @@ Options -MultiViews

AddType audio/mp4 f4a f4b m4a
AddType audio/ogg oga ogg opus
AddType image/avif avif
AddType image/avif-sequence avifs
AddType image/avif avif avifs
AddType image/bmp bmp
AddType image/jxl jxl
AddType image/svg+xml svg svgz
Expand Down Expand Up @@ -691,7 +690,7 @@ AddDefaultCharset utf-8
# https://scotthelme.co.uk/a-new-security-header-referrer-policy/

# <IfModule mod_headers.c>
# # (1)
# # (1)
# Header always set Referrer-Policy "strict-origin-when-cross-origin" "expr=%{CONTENT_TYPE} =~ m#text\/(css|html|javascript)|application\/pdf|xml#i"
# </IfModule>

Expand Down Expand Up @@ -931,6 +930,11 @@ ServerSignature Off
# (!) To make this part relevant, you need to generate encoded files by your
# own. Enabling this part will not auto-generate brotlied files.
#
# (!) In special case of serving pre-compressed content only, note that
# `DirectoryIndex` directive adjustments could be required to change
# default resources priorities.
# https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex
#
# (1) Remove default Content-Language header added for .br files.
# https://httpd.apache.org/docs/current/mod/mod_mime.html#multipleext
#
Expand Down Expand Up @@ -994,13 +998,18 @@ ServerSignature Off
# (!) To make this part relevant, you need to generate encoded files by your
# own. Enabling this part will not auto-generate gziped files.
#
# https://httpd.apache.org/docs/current/mod/mod_deflate.html#precompressed
# (!) In special case of serving pre-compressed content only, note that
# `DirectoryIndex` directive adjustments could be required to change
# default resources priorities.
# https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex
#
# (1) Removing default MIME Type for .gz files allowing to add custom
# sub-types.
# You may prefer using less generic extensions such as .html_gz in order to
# keep the default behavior regarding .gz files.
# https://httpd.apache.org/docs/current/mod/mod_mime.html#removetype
#
# https://httpd.apache.org/docs/current/mod/mod_deflate.html#precompressed

# <IfModule mod_rewrite.c>

Expand Down Expand Up @@ -1046,38 +1055,6 @@ ServerSignature Off

# </IfModule>

# ----------------------------------------------------------------------
# | Content transformation |
# ----------------------------------------------------------------------

# Prevent intermediate caches or proxies (such as those used by mobile
# network providers) and browsers data-saving features from modifying
# the website's content using the `cache-control: no-transform` directive.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
# https://tools.ietf.org/html/rfc7234#section-5.2.2.4
#
# (!) Carefully consider the impact on your visitors before disabling
# content transformation. These transformations are performed to
# improve the experience for data- and cost-constrained users
# (e.g. users on a 2G connection).
#
# You can test the effects of content transformation applied by
# Google's Lite Mode by visiting: https://googleweblight.com/i?u=https://www.example.com
#
# https://support.google.com/webmasters/answer/6211428
#
# (!) If you are using `mod_pagespeed`, note that disabling this will
# prevent `PageSpeed` from rewriting HTML files, and, if the
# `ModPagespeedDisableRewriteOnNoTransform` directive isn't set to
# `off`, also from rewriting other resources.
#
# https://developers.google.com/speed/pagespeed/module/configuration#notransform

# <IfModule mod_headers.c>
# Header merge Cache-Control "no-transform"
# </IfModule>

# ----------------------------------------------------------------------
# | ETags |
# ----------------------------------------------------------------------
Expand Down Expand Up @@ -1105,7 +1082,7 @@ FileETag None
# Serve resources with a far-future expiration date.
#
# (!) If you don't control versioning with filename-based cache busting, you
# should consider lowering the cache times to something like one week.
# should consider lowering the cache times to something like one week.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expires
Expand All @@ -1114,112 +1091,155 @@ FileETag None
<IfModule mod_expires.c>

ExpiresActive on
ExpiresDefault "access plus 1 year"

# CSS

ExpiresByType text/css "access plus 1 year"


# Data interchange

ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"

ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/calendar "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"


# Favicon (cannot be renamed!) and cursor images
# Default: Fallback
ExpiresDefault "access plus 1 year"

# Specific: Assets
ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"

# HTML

ExpiresByType text/html "access plus 0 seconds"


# JavaScript

ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"


# Manifest files

# Specific: Manifests
ExpiresByType application/manifest+json "access plus 1 week"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"


# Markdown
ExpiresByType application/x-web-app-manifest+json "access"
ExpiresByType text/cache-manifest "access"

ExpiresByType text/markdown "access plus 0 seconds"
# Specific: Data interchange
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"

# Specific: Documents
ExpiresByType text/html "access"
ExpiresByType text/markdown "access"
ExpiresByType text/calendar "access"

# Media files
# Specific: Other
ExpiresByType text/x-cross-domain-policy "access plus 1 week"

ExpiresByType audio/ogg "access plus 1 year"
ExpiresByType image/apng "access plus 1 year"
ExpiresByType image/avif "access plus 1 year"
ExpiresByType image/avif-sequence "access plus 1 year"
ExpiresByType image/bmp "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/jxl "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType video/mp4 "access plus 1 year"
ExpiresByType video/ogg "access plus 1 year"
ExpiresByType video/webm "access plus 1 year"
# Generic: Data
ExpiresByType application/json "access"
ExpiresByType application/ld+json "access"
ExpiresByType application/schema+json "access"
ExpiresByType application/geo+json "access"
ExpiresByType application/xml "access"
ExpiresByType text/xml "access"

# Generic: WebAssembly
# ExpiresByType application/wasm "access plus 1 year" # default

# Generic: Assets
# ExpiresByType application/javascript "access plus 1 year" # default
# ExpiresByType application/x-javascript "access plus 1 year" # default
# ExpiresByType text/javascript "access plus 1 year" # default
# ExpiresByType text/css "access plus 1 year" # default

# Generic: Medias
# ExpiresByType audio/* "access plus 1 year" # default
# ExpiresByType image/* "access plus 1 year" # default
# ExpiresByType video/* "access plus 1 year" # default
# ExpiresByType font/* "access plus 1 year" # default

</IfModule>

# WebAssembly
# ----------------------------------------------------------------------
# | Cache Control |
# ----------------------------------------------------------------------

ExpiresByType application/wasm "access plus 1 year"
# Serve resources with appropriate cache control directives.
#
# The `Cache-Control` header field holds directives (instructions) that control
# caching in browsers and shared caches (e.g. Proxies, CDNs).
# Its use targets web performances improvement by specifying the expected
# client and network caches behaviors.
#
# The usable cache directives are listed here:
# https://www.iana.org/assignments/http-cache-directives/http-cache-directives.xml
#
# The cache directives are documented here:
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control#response_directives
#
# (!) Enable and configure this configuration with care.
# Default values should embrace conformance for static files and simple
# apps, but cache control definition at backend level is highly preferred.
# Incorrect directives can lead to data leaks, or can degrade performances.
#
# More specifically, in-depth understanding on `public` vs `private`
# directives meanings is highly recommended. A resource with `public` will
# be cached by shared caches like CDN, even if a user session is active.
#
# (!) The config directive `Header` must be used with the appropriate action.
# Depending on the need, `merge` keeps the current value, if any, of
# `Cache-Control` header, while `set` reset the value including the one
# added by `ExpiresByType` directive in the cache expiration config file
# h5bp/web_performance/cache_expiration.conf.
# https://httpd.apache.org/docs/current/mod/mod_headers.html#header
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
# https://www.rfc-editor.org/rfc/rfc9111.html
# https://www.rfc-editor.org/rfc/rfc8246.html
# https://www.rfc-editor.org/rfc/rfc5861.html
# https://www.iana.org/assignments/http-cache-directives/http-cache-directives.xml
# https://cache-tests.fyi/

# <IfModule mod_headers.c>

# Web fonts
# # Default
# Header merge Cache-Control "public, immutable, stale-while-revalidate" "expr=%{resp:Cache-Control} == 'max-age=31536000'"

# Collection
ExpiresByType font/collection "access plus 1 year"
# # No content
# Header merge Cache-Control "no-store" "expr=-z %{CONTENT_TYPE}"

# Embedded OpenType (EOT)
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType font/eot "access plus 1 year"
# # Manifest files
# Header merge Cache-Control "public" "expr=%{CONTENT_TYPE} =~ m#application/manifest\+json#i"
# Header set Cache-Control "no-cache" "expr=%{CONTENT_TYPE} =~ m#text/cache-manifest#i"

# OpenType
ExpiresByType font/opentype "access plus 1 year"
ExpiresByType font/otf "access plus 1 year"
# # Assets
# Header merge Cache-Control "public, immutable, stale-while-revalidate" "expr=%{CONTENT_TYPE} =~ m#image/x-icon#i"

# TrueType
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType font/ttf "access plus 1 year"
# # Data interchange
# Header merge Cache-Control "public, stale-while-revalidate" "expr=%{CONTENT_TYPE} =~ m#application/(atom|rdf|rss)\+xml#i"

# Web Open Font Format (WOFF) 1.0
ExpiresByType application/font-woff "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType font/woff "access plus 1 year"
# # Documents
# Header set Cache-Control "no-cache, private, must-revalidate" "expr=%{CONTENT_TYPE} =~ m#text/(html|markdown|calendar)#i"

# Web Open Font Format (WOFF) 2.0
ExpiresByType application/font-woff2 "access plus 1 year"
ExpiresByType font/woff2 "access plus 1 year"
# # Data
# Header set Cache-Control "no-cache" "expr=%{CONTENT_TYPE} =~ m#json|xml#i && %{CONTENT_TYPE} !~ m#/(atom|rdf|rss|manifest|svg)\+#i"

# </IfModule>

# Other
# ----------------------------------------------------------------------
# | Content transformation |
# ----------------------------------------------------------------------

ExpiresByType text/x-cross-domain-policy "access plus 1 week"
# Prevent intermediate caches or proxies (such as those used by mobile
# network providers) and browsers data-saving features from modifying
# the website's content using the `no-transform` directive for
# `Cache-Control` header.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
# https://tools.ietf.org/html/rfc7234#section-5.2.2.4
#
# (!) Carefully consider the impact on your visitors before disabling
# content transformation. These transformations are performed to
# improve the experience for data- and cost-constrained users
# (e.g. users on a 2G connection).
#
# You can test the effects of content transformation applied by
# Google's Lite Mode by visiting: https://googleweblight.com/i?u=https://www.example.com
#
# https://support.google.com/webmasters/answer/6211428
#
# (!) If you are using `mod_pagespeed`, note that disabling this will
# prevent `PageSpeed` from rewriting HTML files, and, if the
# `ModPagespeedDisableRewriteOnNoTransform` directive isn't set to
# `off`, also from rewriting other resources.
#
# https://developers.google.com/speed/pagespeed/module/configuration#notransform

</IfModule>
# <IfModule mod_headers.c>
# Header merge Cache-Control "no-transform"
# </IfModule>

# ----------------------------------------------------------------------
# | File concatenation |
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "apache-server-configs",
"version": "5.1.0",
"version": "6.0.0",
"author": "The H5BP Team",
"description": "Boilerplate configurations for the Apache HTTP server",
"repository": "h5bp/server-configs-apache",
Expand Down

0 comments on commit 14d8af4

Please sign in to comment.