### File security
# Exclude direct access to tpl, tpl.xml, inc.php, sql extensions
#
order allow,deny
deny from all
satisfy all
ExpiresActive on
ExpiresByType text/css "a`ccess plus 1 month"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType image/icon "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType application/x-font-opentype "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType application/font-woff "access plus 1 month"
## Tell PHP that the mod_rewrite module is ENABLED.
SetEnv HTTP_MOD_REWRITE On
## Enable mod-rewrite
RewriteEngine On
###### Rewrite rule to force 'www.' prefix. Use only if needed
# If your site can be accessed both with and without the 'www.' prefix,
# use the following setting to redirect all users to access the site with the 'www.'
# when they access without 'www.'. Uncomment and MAKE sure to adapt for your domain name
#
# RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
# RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
###### Rewrite rules to block common hacks
## If you experience problems comment out the operations listed below
## Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
## Block out any script that includes a