OK, after some SSL tests and some other websites to test my server,

I've seen this and found inside it more reports to fix and improve my config: https://www.dareboost.com/en/home

AddDefaultCharset UTF-8

# Expires* directives belong to mod_expires, not mod_headers
<IfModule mod_expires.c>

# Enable expirations
ExpiresActive On

# Default directive
ExpiresDefault "access plus 1 month"

# My favicon
ExpiresByType image/x-icon "access plus 1 year"

# Images
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"

# CSS
ExpiresByType text/css "access plus 1 month"

# Javascript
ExpiresByType application/javascript "access plus 1 year"

</IfModule>

<IfModule mod_headers.c>

# Header Security:
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header always set X-Content-Type-Options "nosniff"
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"

# KeepAlive
Header set Connection keep-alive

</IfModule>


From a starting bad result of 56, now I have 77!

IPB, at the moment, has 71.

Yes, I've also enabled gzip on the server and memcached + OPcache (before, no cache), and added the script before body! But now all seems to work fine and really better.

Does someone have any info on this?

I also want to try to enable http://www.html5rocks.com/en/tutorials/security/content-security-policy/

but I'm not sure if it is a good idea with IPB :p

OK, but I don't have nginx :D, because of that I want to try to improve my resources :p

PS: I've also put this:

# CSP:
Header set Content-Security-Policy "default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;"

All works fine, but it is valid for an HTTPS setup (in other words, accept from all, but only if it is in HTTPS)!
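A way to check what such a policy actually permits, as an added example that is not part of the original post: a small Python audit that parses a captured response (a constructed sample modelled on the headers above) and flags the weak points in the CSP and the other security headers, such as 'unsafe-inline', 'unsafe-eval' and scheme-only https: sources.

```python
# Constructed sample response, modelled on the headers the posted config sends.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "X-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Strict-Transport-Security: max-age=63072000; includeSubDomains\r\n"
    "Content-Security-Policy: default-src https:; connect-src https:; "
    "font-src https: data:; frame-src https:; img-src https: data:; "
    "media-src https:; object-src https:; "
    "script-src 'unsafe-inline' 'unsafe-eval' https:; "
    "style-src 'unsafe-inline' https:;\r\n\r\n"
)

def parse_headers(raw):  # lower-cased header name -> value; status line skipped
    headers = {}
    for line in raw.split("\r\n")[1:]:
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def parse_csp(value):  # CSP value -> {directive: [source expressions]}
    policy = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def audit(raw):  # findings a reviewer would flag; an empty list means clean
    findings = []
    h = parse_headers(raw)
    csp = parse_csp(h.get("content-security-policy", ""))
    if not csp:
        findings.append("no Content-Security-Policy header")
    for directive in ("script-src", "style-src", "default-src"):
        for src in csp.get(directive, []):
            if src in ("'unsafe-inline'", "'unsafe-eval'"):
                findings.append(f"{directive} allows {src}")  # XSS protection lost
            elif src == "https:":
                findings.append(f"{directive} allows any HTTPS origin")
    # object-src (or its default-src fallback) should be 'none': plugins are a classic vector
    if csp and csp.get("object-src", csp.get("default-src")) != ["'none'"]:
        findings.append("object-src is not 'none'")
    if "max-age=" not in h.get("strict-transport-security", ""):
        findings.append("HSTS missing or without max-age")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options is not nosniff")
    return findings
```

Run `audit(SAMPLE_RESPONSE)` to see the seven findings the posted policy produces; a policy of `default-src 'self'; object-src 'none'` produces none of the CSP ones.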

