RewriteEngine On ## Begin RewriteBase # If you are getting 500 or 404 errors on subpages, you may have to uncomment the RewriteBase entry # You should change the '/' to your appropriate subfolder. For example if you have # your Grav install at the root of your site '/' should work, else it might be something # along the lines of: RewriteBase / ## # RewriteBase / ## End - RewriteBase ## Begin - X-Forwarded-Proto # In some hosted or load balanced environments, SSL negotiation happens upstream. # In order for Grav to recognize the connection as secure, you need to uncomment # the following lines. # # RewriteCond %{HTTP:X-Forwarded-Proto} https # RewriteRule .* - [E=HTTPS:on] # ## End - X-Forwarded-Proto ## Begin - Exploits # If you experience problems on your site block out the operations listed below # This attempts to block the most common type of exploit `attempts` to Grav # # Block out any script trying to base64_encode data within the URL. RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR] # Block out any script that includes a