chrissnyder2337 · July 10, 2015 20:34
diff --git a/.htaccess b/.htaccess
 #
 # Apache/PHP/Drupal settings:
 #

 # Protect files and directories from prying eyes.
 <FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
  Order allow,deny
 </FilesMatch>

 # Don't show directory listings for URLs which map to a directory.
 Options -Indexes

 # Follow symbolic links in this directory.
 Options +FollowSymLinks

 # Make Drupal handle any 404 errors.
 ErrorDocument 404 /index.php

 # Set the default handler.
 DirectoryIndex index.php index.html index.htm

 # Override PHP settings that cannot be changed at runtime. See
 # sites/default/default.settings.php and drupal_initialize_variables() in
 # includes/bootstrap.inc for settings that can be changed at runtime.

 # PHP 5, Apache 1 and 2.
 <IfModule mod_php5.c>
  php_flag magic_quotes_gpc                 off
  php_flag magic_quotes_sybase              off
  php_flag register_globals                 off
  php_flag session.auto_start               off
  php_value mbstring.http_input             pass
  php_value mbstring.http_output            pass
  php_flag mbstring.encoding_translation    off
 </IfModule>

 # Requires mod_expires to be enabled.
 <IfModule mod_expires.c>
  # Enable expirations.
  ExpiresActive On

  # Cache all files for 2 weeks after access (A).
  ExpiresDefault A1209600

  <FilesMatch \.php$>
    # Do not allow PHP scripts to be cached unless they explicitly send cache
    # headers themselves. Otherwise all scripts would have to overwrite the
    # headers set by mod_expires if they want another caching behavior. This may
    # fail if an error occurs early in the bootstrap process, and it may cause
    # problems if a non-Drupal PHP file is installed in a subdirectory.
    ExpiresActive Off
  </FilesMatch>
 </IfModule>

 # Various rewrite rules.
 <IfModule mod_rewrite.c>
  RewriteEngine on

  # Block access to "hidden" directories whose names begin with a period. This
  # includes directories used by version control systems such as Subversion or
  # Git to store control files. Files whose names begin with a period, as well
  # as the control files used by CVS, are protected by the FilesMatch directive
  # above.
  #
  # NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
  # not possible to block access to entire directories from .htaccess, because
  # <DirectoryMatch> is not allowed here.
  #
  # If you do not have mod_rewrite installed, you should remove these
  # directories from your webroot or otherwise protect them from being
  # downloaded.
  RewriteRule "(^|/)\." - [F]

  # If your site can be accessed both with and without the 'www.' prefix, you
  # can use one of the following settings to redirect users to your preferred
  # URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
  #
  # To redirect all users to access the site WITH the 'www.' prefix,
  # (http://example.com/... will be redirected to http://www.example.com/...)
  # uncomment the following:
  # RewriteCond %{HTTP_HOST} !^www\. [NC]
  # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  #
  # To redirect all users to access the site WITHOUT the 'www.' prefix,
  # (http://www.example.com/... will be redirected to http://example.com/...)
  # uncomment the following:
  # RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
  # RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]


 # Access Protection Checks
 # Unleashed
 RewriteCond %{HTTP:X-Forwarded-For} !^173\.8\.26\.(1(5[2-9]))$
 RewriteCond %{HTTP:X-Forwarded-For} !^192\.168\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$
 RewriteCond %{HTTP:X-Forwarded-For} !^199\.58\.214\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$

 # Woodhouse 
 ## (Corporate's Office IP)
 RewriteCond %{HTTP:X-Forwarded-For} !^173\.219\.32\.252$

 # Development Protection
 #RewriteCond %{HTTP_HOST} !^woodhouse\.utdev\.com$ [OR]
 #RewriteCond %{HTTP_HOST} !^(.+)\.woodhouse\.utdev\.com$ [OR]

 # Template Protection
 RewriteCond %{HTTP_HOST} ^(www\.)?template\.woodhousespas\.com$ [OR]
 RewriteCond %{HTTP_HOST} ^(www\.)?template\.woodhouse\.utdev\.com$

 # If not allowed, redirect to main site.
 RewriteRule ^ http://www.woodhousespas.com%{REQUEST_URI} [L,R=301]

 # Reservation subdomain redirect
 RewriteCond %{HTTP_HOST} ^(www\.)?reservations\.woodhousespas\.com [NC]
 RewriteRule ^ http://woodhousespas.com/reservation-select-location [L,R=301]

 # Require SSL
 #RewriteCond %{HTTPS} off
 RewriteCond %{HTTP:X-Forwarded-Proto} =http
 RewriteCond %{REQUEST_URI} ^/(admin|cart|utlogin|user|reservation) [NC]
 RewriteCond %{HTTP_HOST} !^(.+)\.woodhouse\.utdev\.com$ [NC]
 RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

 # Remove SSL
 #RewriteCond %{HTTPS} on
 #RewriteCond %{HTTP:X-Forwarded-Proto} =https
 #RewriteCond %{REQUEST_URI} !^/(admin|cart|utlogin|user) [NC]
 #RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


  # Modify the RewriteBase if you are using Drupal in a subdirectory or in a
  # VirtualDocumentRoot and the rewrite rules are not working properly.
  # For example if your site is at http://example.com/drupal uncomment and
  # modify the following line:
  # RewriteBase /drupal
  #
  # If your site is running in a VirtualDocumentRoot at http://example.com/,
  # uncomment the following line:
  # RewriteBase /

  # Pass all requests not referring directly to files in the filesystem to
  # index.php. Clean URLs are handled in drupal_environment_initialize().
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_URI} !=/favicon.ico
  RewriteRule ^ index.php [L]

  # Rules to correctly serve gzip compressed CSS and JS files.
  # Requires both mod_rewrite and mod_headers to be enabled.
  <IfModule mod_headers.c>
    # Serve gzip compressed CSS files if they exist and the client accepts gzip.
    RewriteCond %{HTTP:Accept-encoding} gzip
    RewriteCond %{REQUEST_FILENAME}\.gz -s
    RewriteRule ^(.*)\.css $1\.css\.gz [QSA]

    # Serve gzip compressed JS files if they exist and the client accepts gzip.
    RewriteCond %{HTTP:Accept-encoding} gzip
    RewriteCond %{REQUEST_FILENAME}\.gz -s
    RewriteRule ^(.*)\.js $1\.js\.gz [QSA]

    # Serve correct content types, and prevent mod_deflate double gzip.
    RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
    RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]

    <FilesMatch "(\.js\.gz|\.css\.gz)$">
      # Serve correct encoding type.
      Header set Content-Encoding gzip
      # Force proxies to cache gzipped & non-gzipped css/js files separately.
      Header append Vary Accept-Encoding
    </FilesMatch>
  </IfModule>
 </IfModule>

 # Change PHP memory value ~Snyder 08/22/12
 php_value memory_limit 256M

 php_value max_execution_time 600
	#
	# Apache/PHP/Drupal settings:
	#

	# Protect files and directories from prying eyes.
	<FilesMatch "\.(engine\|inc\|info\|install\|make\|module\|profile\|test\|po\|sh\|.sql\|theme\|tpl(\.php)?\|xtmpl)$\|^(\..\|Entries.*\|Repository\|Root\|Tag\|Template)$">
	Order allow,deny
	</FilesMatch>

	# Don't show directory listings for URLs which map to a directory.
	Options -Indexes

	# Follow symbolic links in this directory.
	Options +FollowSymLinks

	# Make Drupal handle any 404 errors.
	ErrorDocument 404 /index.php

	# Set the default handler.
	DirectoryIndex index.php index.html index.htm

	# Override PHP settings that cannot be changed at runtime. See
	# sites/default/default.settings.php and drupal_initialize_variables() in
	# includes/bootstrap.inc for settings that can be changed at runtime.

	# PHP 5, Apache 1 and 2.
	<IfModule mod_php5.c>
	php_flag magic_quotes_gpc off
	php_flag magic_quotes_sybase off
	php_flag register_globals off
	php_flag session.auto_start off
	php_value mbstring.http_input pass
	php_value mbstring.http_output pass
	php_flag mbstring.encoding_translation off
	</IfModule>

	# Requires mod_expires to be enabled.
	<IfModule mod_expires.c>
	# Enable expirations.
	ExpiresActive On

	# Cache all files for 2 weeks after access (A).
	ExpiresDefault A1209600

	<FilesMatch \.php$>
	# Do not allow PHP scripts to be cached unless they explicitly send cache
	# headers themselves. Otherwise all scripts would have to overwrite the
	# headers set by mod_expires if they want another caching behavior. This may
	# fail if an error occurs early in the bootstrap process, and it may cause
	# problems if a non-Drupal PHP file is installed in a subdirectory.
	ExpiresActive Off
	</FilesMatch>
	</IfModule>

	# Various rewrite rules.
	<IfModule mod_rewrite.c>
	RewriteEngine on

	# Block access to "hidden" directories whose names begin with a period. This
	# includes directories used by version control systems such as Subversion or
	# Git to store control files. Files whose names begin with a period, as well
	# as the control files used by CVS, are protected by the FilesMatch directive
	# above.
	#
	# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
	# not possible to block access to entire directories from .htaccess, because
	# <DirectoryMatch> is not allowed here.
	#
	# If you do not have mod_rewrite installed, you should remove these
	# directories from your webroot or otherwise protect them from being
	# downloaded.
	RewriteRule "(^\|/)\." - [F]

	# If your site can be accessed both with and without the 'www.' prefix, you
	# can use one of the following settings to redirect users to your preferred
	# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
	#
	# To redirect all users to access the site WITH the 'www.' prefix,
	# (http://example.com/... will be redirected to http://www.example.com/...)
	# uncomment the following:
	# RewriteCond %{HTTP_HOST} !^www\. [NC]
	# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
	#
	# To redirect all users to access the site WITHOUT the 'www.' prefix,
	# (http://www.example.com/... will be redirected to http://example.com/...)
	# uncomment the following:
	# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
	# RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]


	# Access Protection Checks
	# Unleashed
	RewriteCond %{HTTP:X-Forwarded-For} !^173\.8\.26\.(1(5[2-9]))$
	RewriteCond %{HTTP:X-Forwarded-For} !^192\.168\.([0-9]\|[1-9][0-9]\|1([0-9][0-9])\|2([0-4][0-9]\|5[0-5]))\.([0-9]\|[1-9][0-9]\|1([0-9][0-9])\|2([0-4][0-9]\|5[0-5]))$
	RewriteCond %{HTTP:X-Forwarded-For} !^199\.58\.214\.([0-9]\|[1-9][0-9]\|1([0-9][0-9])\|2([0-4][0-9]\|5[0-5]))$

	# Woodhouse
	## (Corporate's Office IP)
	RewriteCond %{HTTP:X-Forwarded-For} !^173\.219\.32\.252$

	# Development Protection
	#RewriteCond %{HTTP_HOST} !^woodhouse\.utdev\.com$ [OR]
	#RewriteCond %{HTTP_HOST} !^(.+)\.woodhouse\.utdev\.com$ [OR]

	# Template Protection
	RewriteCond %{HTTP_HOST} ^(www\.)?template\.woodhousespas\.com$ [OR]
	RewriteCond %{HTTP_HOST} ^(www\.)?template\.woodhouse\.utdev\.com$

	# If not allowed, redirect to main site.
	RewriteRule ^ http://www.woodhousespas.com%{REQUEST_URI} [L,R=301]

	# Reservation subdomain redirect
	RewriteCond %{HTTP_HOST} ^(www\.)?reservations\.woodhousespas\.com [NC]
	RewriteRule ^ http://woodhousespas.com/reservation-select-location [L,R=301]

	# Require SSL
	#RewriteCond %{HTTPS} off
	RewriteCond %{HTTP:X-Forwarded-Proto} =http
	RewriteCond %{REQUEST_URI} ^/(admin\|cart\|utlogin\|user\|reservation) [NC]
	RewriteCond %{HTTP_HOST} !^(.+)\.woodhouse\.utdev\.com$ [NC]
	RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

	# Remove SSL
	#RewriteCond %{HTTPS} on
	#RewriteCond %{HTTP:X-Forwarded-Proto} =https
	#RewriteCond %{REQUEST_URI} !^/(admin\|cart\|utlogin\|user) [NC]
	#RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


	# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
	# VirtualDocumentRoot and the rewrite rules are not working properly.
	# For example if your site is at http://example.com/drupal uncomment and
	# modify the following line:
	# RewriteBase /drupal
	#
	# If your site is running in a VirtualDocumentRoot at http://example.com/,
	# uncomment the following line:
	# RewriteBase /

	# Pass all requests not referring directly to files in the filesystem to
	# index.php. Clean URLs are handled in drupal_environment_initialize().
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_URI} !=/favicon.ico
	RewriteRule ^ index.php [L]

	# Rules to correctly serve gzip compressed CSS and JS files.
	# Requires both mod_rewrite and mod_headers to be enabled.
	<IfModule mod_headers.c>
	# Serve gzip compressed CSS files if they exist and the client accepts gzip.
	RewriteCond %{HTTP:Accept-encoding} gzip
	RewriteCond %{REQUEST_FILENAME}\.gz -s
	RewriteRule ^(.*)\.css $1\.css\.gz [QSA]

	# Serve gzip compressed JS files if they exist and the client accepts gzip.
	RewriteCond %{HTTP:Accept-encoding} gzip
	RewriteCond %{REQUEST_FILENAME}\.gz -s
	RewriteRule ^(.*)\.js $1\.js\.gz [QSA]

	# Serve correct content types, and prevent mod_deflate double gzip.
	RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
	RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]

	<FilesMatch "(\.js\.gz\|\.css\.gz)$">
	# Serve correct encoding type.
	Header set Content-Encoding gzip
	# Force proxies to cache gzipped & non-gzipped css/js files separately.
	Header append Vary Accept-Encoding
	</FilesMatch>
	</IfModule>
	</IfModule>

	# Change PHP memory value ~Snyder 08/22/12
	php_value memory_limit 256M

	php_value max_execution_time 600