2.14.13.9 Standard .htaccess for Magento 2.3

Content of standard .htaccess for Magento 2.3 (GitHub):

  • From site root directory (GitHub):
    1. ############################################
    2. ## overrides deployment configuration mode value
    3. ## use command bin/magento deploy:mode:set to switch modes
    4.  
    5. # SetEnv MAGE_MODE developer
    6.  
    7. ############################################
    8. ## uncomment these lines for CGI mode
    9. ## make sure to specify the correct cgi php binary file name
    10. ## it might be /cgi-bin/php-cgi
    11.  
    12. # Action php5-cgi /cgi-bin/php5-cgi
    13. # AddHandler php5-cgi .php
    14.  
    15. ############################################
    16. ## GoDaddy specific options
    17.  
    18. # Options -MultiViews
    19.  
    20. ## you might also need to add this line to php.ini
    21. ## cgi.fix_pathinfo = 1
    22. ## if it still doesn't work, rename php.ini to php5.ini
    23.  
    24. ############################################
    25. ## this line is specific for 1and1 hosting
    26.  
    27. #AddType x-mapp-php5 .php
    28. #AddHandler x-mapp-php5 .php
    29.  
    30. ############################################
    31. ## enable usage of methods arguments in backtrace
    32.  
    33. SetEnv MAGE_DEBUG_SHOW_ARGS 1
    34.  
    35. ############################################
    36. ## default index file
    37.  
    38. DirectoryIndex index.php
    39.  
    40. <IfModule mod_php5.c>
    41. ############################################
    42. ## adjust memory limit
    43.  
    44. php_value memory_limit 756M
    45. php_value max_execution_time 18000
    46.  
    47. ############################################
    48. ## disable automatic session start
    49. ## before autoload was initialized
    50.  
    51. php_flag session.auto_start off
    52.  
    53. ############################################
    54. ## enable resulting html compression
    55.  
    56. #php_flag zlib.output_compression on
    57.  
    58. ###########################################
    59. ## disable user agent verification to not break multiple image upload
    60.  
    61. php_flag suhosin.session.cryptua off
    62. </IfModule>
    63. <IfModule mod_php7.c>
    64. ############################################
    65. ## adjust memory limit
    66.  
    67. php_value memory_limit 756M
    68. php_value max_execution_time 18000
    69.  
    70. ############################################
    71. ## disable automatic session start
    72. ## before autoload was initialized
    73.  
    74. php_flag session.auto_start off
    75.  
    76. ############################################
    77. ## enable resulting html compression
    78.  
    79. #php_flag zlib.output_compression on
    80.  
    81. ###########################################
    82. ## disable user agent verification to not break multiple image upload
    83.  
    84. php_flag suhosin.session.cryptua off
    85. </IfModule>
    86. <IfModule mod_security.c>
    87. ###########################################
    88. ## disable POST processing to not break multiple image upload
    89.  
    90. SecFilterEngine Off
    91. SecFilterScanPOST Off
    92. </IfModule>
    93.  
    94. <IfModule mod_deflate.c>
    95.  
    96. ############################################
    97. ## enable apache served files compression
    98. ## http://developer.yahoo.com/performance/rules.html#gzip
    99.  
    100. # Insert filter on all content
    101. ###SetOutputFilter DEFLATE
    102. # Insert filter on selected content types only
    103. #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml
    104.  
    105. # Netscape 4.x has some problems.
    106. #BrowserMatch ^Mozilla/4 gzip-only-text/html
    107.  
    108. # Netscape 4.06-4.08 have some more problems
    109. #BrowserMatch ^Mozilla/4\.0[678] no-gzip
    110.  
    111. # MSIE masquerades as Netscape, but it is fine
    112. #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    113.  
    114. # Don't compress images
    115. #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
    116.  
    117. # Make sure proxies don't deliver the wrong content
    118. #Header append Vary User-Agent env=!dont-vary
    119.  
    120. </IfModule>
    121.  
    122. <IfModule mod_ssl.c>
    123.  
    124. ############################################
    125. ## make HTTPS env vars available for CGI mode
    126.  
    127. SSLOptions StdEnvVars
    128.  
    129. </IfModule>
    130.  
    131. ############################################
    132. ## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
    133. ## Please, set it on virtual host configuration level
    134.  
    135. ## SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
    136. ############################################
    137.  
    138. <IfModule mod_rewrite.c>
    139.  
    140. ############################################
    141. ## enable rewrites
    142.  
    143. Options +SymLinksIfOwnerMatch
    144. RewriteEngine on
    145.  
    146. ############################################
    147. ## you can put here your magento root folder
    148. ## path relative to web root
    149.  
    150. #RewriteBase /magento/
    151.  
    152. ############################################
    153. ## workaround for HTTP authorization
    154. ## in CGI environment
    155.  
    156. RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    157.  
    158. ############################################
    159. ## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
    160.  
    161. RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    162. RewriteRule .* - [L,R=405]
    163.  
    164. ############################################
    165. ## redirect for mobile user agents
    166.  
    167. #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    168. #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    169. #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
    170.  
    171. ############################################
    172. ## never rewrite for existing files, directories and links
    173.  
    174. RewriteCond %{REQUEST_FILENAME} !-f
    175. RewriteCond %{REQUEST_FILENAME} !-d
    176. RewriteCond %{REQUEST_FILENAME} !-l
    177.  
    178. ############################################
    179. ## rewrite everything else to index.php
    180.  
    181. RewriteRule .* index.php [L]
    182.  
    183. </IfModule>
    184.  
    185.  
    186. ############################################
    187. ## Prevent character encoding issues from server overrides
    188. ## If you still have problems, use the second line instead
    189.  
    190. AddDefaultCharset Off
    191. #AddDefaultCharset UTF-8
    192. AddType 'text/html; charset=UTF-8' html
    193.  
    194. <IfModule mod_expires.c>
    195.  
    196. ############################################
    197. ## Add default Expires header
    198. ## http://developer.yahoo.com/performance/rules.html#expires
    199.  
    200. ExpiresDefault "access plus 1 year"
    201. ExpiresByType text/html A0
    202. ExpiresByType text/plain A0
    203.  
    204. </IfModule>
    205.  
    206. ###########################################
    207. ## Deny access to root files to hide sensitive application information
    208. RedirectMatch 403 /\.git
    209.  
    210. <Files composer.json>
    211. # <IfVersion < 2.4>
    212. # order allow,deny
    213. # deny from all
    214. # </IfVersion>
    215. # <IfVersion >= 2.4>
    216. Require all denied
    217. # </IfVersion>
    218. </Files>
    219. <Files composer.lock>
    220. # <IfVersion < 2.4>
    221. # order allow,deny
    222. # deny from all
    223. # </IfVersion>
    224. # <IfVersion >= 2.4>
    225. Require all denied
    226. # </IfVersion>
    227. </Files>
    228. <Files .gitignore>
    229. # <IfVersion < 2.4>
    230. # order allow,deny
    231. # deny from all
    232. # </IfVersion>
    233. # <IfVersion >= 2.4>
    234. Require all denied
    235. # </IfVersion>
    236. </Files>
    237. <Files .htaccess>
    238. # <IfVersion < 2.4>
    239. # order allow,deny
    240. # deny from all
    241. # </IfVersion>
    242. # <IfVersion >= 2.4>
    243. Require all denied
    244. # </IfVersion>
    245. </Files>
    246. <Files .htaccess.sample>
    247. # <IfVersion < 2.4>
    248. # order allow,deny
    249. # deny from all
    250. # </IfVersion>
    251. # <IfVersion >= 2.4>
    252. Require all denied
    253. # </IfVersion>
    254. </Files>
    255. <Files .php_cs.dist>
    256. # <IfVersion < 2.4>
    257. # order allow,deny
    258. # deny from all
    259. # </IfVersion>
    260. # <IfVersion >= 2.4>
    261. Require all denied
    262. # </IfVersion>
    263. </Files>
    264. <Files .travis.yml>
    265. # <IfVersion < 2.4>
    266. # order allow,deny
    267. # deny from all
    268. # </IfVersion>
    269. # <IfVersion >= 2.4>
    270. Require all denied
    271. # </IfVersion>
    272. </Files>
    273. <Files CHANGELOG.md>
    274. # <IfVersion < 2.4>
    275. # order allow,deny
    276. # deny from all
    277. # </IfVersion>
    278. # <IfVersion >= 2.4>
    279. Require all denied
    280. # </IfVersion>
    281. </Files>
    282. <Files COPYING.txt>
    283. # <IfVersion < 2.4>
    284. # order allow,deny
    285. # deny from all
    286. # </IfVersion>
    287. # <IfVersion >= 2.4>
    288. Require all denied
    289. # </IfVersion>
    290. </Files>
    291. <Files Gruntfile.js>
    292. # <IfVersion < 2.4>
    293. # order allow,deny
    294. # deny from all
    295. # </IfVersion>
    296. # <IfVersion >= 2.4>
    297. Require all denied
    298. # </IfVersion>
    299. </Files>
    300. <Files LICENSE.txt>
    301. # <IfVersion < 2.4>
    302. # order allow,deny
    303. # deny from all
    304. # </IfVersion>
    305. # <IfVersion >= 2.4>
    306. Require all denied
    307. # </IfVersion>
    308. </Files>
    309. <Files LICENSE_AFL.txt>
    310. # <IfVersion < 2.4>
    311. # order allow,deny
    312. # deny from all
    313. # </IfVersion>
    314. # <IfVersion >= 2.4>
    315. Require all denied
    316. # </IfVersion>
    317. </Files>
    318. <Files nginx.conf.sample>
    319. # <IfVersion < 2.4>
    320. # order allow,deny
    321. # deny from all
    322. # </IfVersion>
    323. # <IfVersion >= 2.4>
    324. Require all denied
    325. # </IfVersion>
    326. </Files>
    327. <Files package.json>
    328. # <IfVersion < 2.4>
    329. # order allow,deny
    330. # deny from all
    331. # </IfVersion>
    332. # <IfVersion >= 2.4>
    333. Require all denied
    334. # </IfVersion>
    335. </Files>
    336. <Files php.ini.sample>
    337. # <IfVersion < 2.4>
    338. # order allow,deny
    339. # deny from all
    340. # </IfVersion>
    341. # <IfVersion >= 2.4>
    342. Require all denied
    343. # </IfVersion>
    344. </Files>
    345. <Files README.md>
    346. # <IfVersion < 2.4>
    347. # order allow,deny
    348. # deny from all
    349. # </IfVersion>
    350. # <IfVersion >= 2.4>
    351. Require all denied
    352. # </IfVersion>
    353. </Files>
    354. <Files magento_umask>
    355. # <IfVersion < 2.4>
    356. # order allow,deny
    357. # deny from all
    358. # </IfVersion>
    359. # <IfVersion >= 2.4>
    360. Require all denied
    361. # </IfVersion>
    362. </Files>
    363. <Files auth.json>
    364. # <IfVersion < 2.4>
    365. # order allow,deny
    366. # deny from all
    367. # </IfVersion>
    368. # <IfVersion >= 2.4>
    369. Require all denied
    370. # </IfVersion>
    371. </Files>
    372. <Files .user.ini>
    373. # <IfVersion < 2.4>
    374. # order allow,deny
    375. # deny from all
    376. # </IfVersion>
    377. # <IfVersion >= 2.4>
    378. Require all denied
    379. # </IfVersion>
    380. </Files>
    381.  
    382. # For 404s and 403s that aren't handled by the application, show plain 404 response
    383. ErrorDocument 404 /pub/errors/404.php
    384. ErrorDocument 403 /pub/errors/404.php
    385.  
    386. ################################
    387. ## If running in cluster environment, uncomment this
    388. ## http://developer.yahoo.com/performance/rules.html#etags
    389.  
    390. #FileETag none
    391.  
    392. # ######################################################################
    393. # # INTERNET EXPLORER #
    394. # ######################################################################
    395.  
    396. # ----------------------------------------------------------------------
    397. # | Document modes |
    398. # ----------------------------------------------------------------------
    399.  
    400. # Force Internet Explorer 8/9/10 to render pages in the highest mode
    401. # available in the various cases when it may not.
    402. #
    403. # https://hsivonen.fi/doctype/#ie8
    404. #
    405. # (!) Starting with Internet Explorer 11, document modes are deprecated.
    406. # If your business still relies on older web apps and services that were
    407. # designed for older versions of Internet Explorer, you might want to
    408. # consider enabling `Enterprise Mode` throughout your company.
    409. #
    410. # https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
    411. # http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx
    412.  
    413. <IfModule mod_headers.c>
    414.  
    415. Header set X-UA-Compatible "IE=edge"
    416.  
    417. # `mod_headers` cannot match based on the content-type, however,
    418. # the `X-UA-Compatible` response header should be send only for
    419. # HTML documents and not for the other resources.
    420.  
    421. <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
    422. Header unset X-UA-Compatible
    423. </FilesMatch>
    424.  
    425. </IfModule>

    For compatibility with our hosting, the directive on line 143 has been changed and a number of directives in the range of lines 211-379 have been commented out.

  • From subdirectory pub (GitHub):
    1. ############################################
    2. ## Optional override of deployment mode. We recommend you use the
    3. ## command bin/magento deploy:mode:set to switch modes instead
    4.  
    5. # Options are default, production, or developer
    6. # SetEnv MAGE_MODE default
    7.  
    8. ############################################
    9. ## Uncomment these lines for CGI mode.
    10. ## Make sure to specify the correct cgi php binary file name
    11. ## it might be /cgi-bin/php-cgi
    12.  
    13. # Action php5-cgi /cgi-bin/php5-cgi
    14. # AddHandler php5-cgi .php
    15.  
    16. ############################################
    17. ## GoDaddy specific options
    18.  
    19. # Options -MultiViews
    20.  
    21. ## You might also need to add this line to php.ini
    22. ## cgi.fix_pathinfo = 1
    23. ## If it still doesn't work, rename php.ini to php5.ini
    24.  
    25. ############################################
    26. ## This line is specific for 1and1 hosting
    27.  
    28. #AddType x-mapp-php5 .php
    29. #AddHandler x-mapp-php5 .php
    30.  
    31. ############################################
    32. ## Default index file
    33.  
    34. DirectoryIndex index.php
    35.  
    36. <IfModule mod_php5.c>
    37. ############################################
    38. ## Adjust memory limit
    39.  
    40. php_value memory_limit 756M
    41. php_value max_execution_time 18000
    42.  
    43. ############################################
    44. ## Disable automatic session start
    45. ## before autoload was initialized
    46.  
    47. php_flag session.auto_start off
    48.  
    49. ############################################
    50. # Disable user agent verification to not break multiple image upload
    51.  
    52. php_flag suhosin.session.cryptua off
    53. </IfModule>
    54. <IfModule mod_php7.c>
    55. ############################################
    56. ## Adjust memory limit
    57.  
    58. php_value memory_limit 756M
    59. php_value max_execution_time 18000
    60.  
    61. ############################################
    62. ## Disable automatic session start
    63. ## before autoload was initialized
    64.  
    65. php_flag session.auto_start off
    66.  
    67. ############################################
    68. ## Enable resulting html compression
    69.  
    70. #php_flag zlib.output_compression on
    71.  
    72. ###########################################
    73. # Disable user agent verification to not break multiple image upload
    74.  
    75. php_flag suhosin.session.cryptua off
    76. </IfModule>
    77.  
    78.  
    79. <IfModule mod_security.c>
    80. ###########################################
    81. # Disable POST processing to not break multiple image upload
    82.  
    83. SecFilterEngine Off
    84. SecFilterScanPOST Off
    85. </IfModule>
    86.  
    87. <IfModule mod_deflate.c>
    88.  
    89. ############################################
    90. ## Enable apache served files compression
    91. ## http://developer.yahoo.com/performance/rules.html#gzip
    92.  
    93. # Insert filter on all content
    94. ###SetOutputFilter DEFLATE
    95. # Insert filter on selected content types only
    96. #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
    97.  
    98. # Netscape 4.x has some problems.
    99. #BrowserMatch ^Mozilla/4 gzip-only-text/html
    100.  
    101. # Netscape 4.06-4.08 have some more problems
    102. #BrowserMatch ^Mozilla/4\.0[678] no-gzip
    103.  
    104. # MSIE masquerades as Netscape, but it is fine
    105. #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    106.  
    107. # Don't compress images
    108. #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
    109.  
    110. # Make sure proxies don't deliver the wrong content
    111. #Header append Vary User-Agent env=!dont-vary
    112.  
    113. </IfModule>
    114.  
    115. <IfModule mod_ssl.c>
    116.  
    117. ############################################
    118. ## Make HTTPS env vars available for CGI mode
    119.  
    120. SSLOptions StdEnvVars
    121.  
    122. </IfModule>
    123.  
    124. <IfModule mod_rewrite.c>
    125.  
    126. ############################################
    127. ## Enable rewrites
    128.  
    129. Options +SymLinksIfOwnerMatch
    130. RewriteEngine on
    131.  
    132. ############################################
    133. ## You can put here your magento root folder
    134. ## path relative to web root
    135.  
    136. #RewriteBase /magento/
    137.  
    138. ############################################
    139. ## Workaround for HTTP authorization
    140. ## in CGI environment
    141.  
    142. RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    143.  
    144. ############################################
    145. ## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
    146.  
    147. RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    148. RewriteRule .* - [L,R=405]
    149.  
    150. ############################################
    151. ## Never rewrite for existing files, directories and links
    152.  
    153. RewriteCond %{REQUEST_FILENAME} !-f
    154. RewriteCond %{REQUEST_FILENAME} !-d
    155. RewriteCond %{REQUEST_FILENAME} !-l
    156.  
    157. ############################################
    158. ## Rewrite everything else to index.php
    159.  
    160. RewriteRule .* index.php [L]
    161.  
    162. </IfModule>
    163.  
    164.  
    165. ############################################
    166. ## Prevent character encoding issues from server overrides
    167. ## If you still have problems, use the second line instead
    168.  
    169. AddDefaultCharset Off
    170. #AddDefaultCharset UTF-8
    171.  
    172. <IfModule mod_expires.c>
    173.  
    174. ############################################
    175. ## Add default Expires header
    176. ## http://developer.yahoo.com/performance/rules.html#expires
    177.  
    178. ExpiresDefault "access plus 1 year"
    179. ExpiresByType text/html A0
    180. ExpiresByType text/plain A0
    181.  
    182. </IfModule>
    183.  
    184. ###########################################
    185. ## Deny access to release notes to prevent disclosure of the installed Magento version
    186.  
    187. <Files RELEASE_NOTES.txt>
    188. # <IfVersion < 2.4>
    189. # order allow,deny
    190. # deny from all
    191. # </IfVersion>
    192. # <IfVersion >= 2.4>
    193. Require all denied
    194. # </IfVersion>
    195. </Files>
    196.  
    197. # For 404s and 403s that aren't handled by the application, show plain 404 response
    198. ErrorDocument 404 /errors/404.php
    199. ErrorDocument 403 /errors/404.php
    200.  
    201. ############################################
    202. ## If running in cluster environment, uncomment this
    203. ## http://developer.yahoo.com/performance/rules.html#etags
    204.  
    205. #FileETag none
    206.  
    207. ###########################################
    208. ## Deny access to cron.php
    209. <Files cron.php>
    210. # <IfVersion < 2.4>
    211. # order allow,deny
    212. # deny from all
    213. # </IfVersion>
    214. # <IfVersion >= 2.4>
    215. Require all denied
    216. # </IfVersion>
    217. </Files>
    218. ## Deny access to .user.ini
    219. <Files .user.ini>
    220. # <IfVersion < 2.4>
    221. # order allow,deny
    222. # deny from all
    223. # </IfVersion>
    224. # <IfVersion >= 2.4>
    225. Require all denied
    226. # </IfVersion>
    227. </Files>
    228.  
    229. <IfModule mod_headers.c>
    230. ############################################
    231. ## Prevent clickjacking
    232. Header set X-Frame-Options
    233. </IfModule>

    For compatibility Header set X-Frame-Options

  • Header set X-Frame-Options):
    1. <IfModule mod_php5.c>
    2. Header set X-Frame-Options
    3. </IfModule>
    4.  
    5. <IfModule mod_php7.c>
    6. Header set X-Frame-Options
    7. </IfModule>
    8.  
    9. Header set X-Frame-Options
    10. Header set X-Frame-Options
    11.  
    12. <IfModule mod_rewrite.c>
    13. Header set X-Frame-Options
    14.  
    15. Header set X-Frame-Options
    16. Header set X-Frame-Options
    17.  
    18. Header set X-Frame-Options
    19. Header set X-Frame-Options
    20.  
    21. RewriteCond %{REQUEST_FILENAME} !-f
    22. RewriteCond %{REQUEST_FILENAME} !-l
    23.  
    24. Header set X-Frame-Options
    25. Header set X-Frame-Options
    26. Header set X-Frame-Options
    27. Header set X-Frame-Options
    28. Header set X-Frame-Options
    29. Header set X-Frame-Options
    30. </IfModule>
    31.  
    32. ############################################
    33. Header set X-Frame-Options
    34.  
    35. Header set X-Frame-Options
    36. Header set X-Frame-Options
    37. Header set X-Frame-Options
    38.  
    39. Header set X-Frame-Options
    40.  
    41. Header set X-Frame-Options
    42.  
    43. Header set X-Frame-Options
    44. Header set X-Frame-Options
    45.  
    46. Header set X-Frame-Options
    47. Header set X-Frame-Options
    48. Header set X-Frame-Options
    49. Header set X-Frame-Options
    50. Header set X-Frame-Options
    51. Header set X-Frame-Options
    52.  
    53. Header set X-Frame-Options
    54. Header set X-Frame-Options
    55.  
    56. Header set X-Frame-Options
    57. Header set X-Frame-Options
    58. Header set X-Frame-Options
    59. Header set X-Frame-Options
    60. Header set X-Frame-Options
    61. Header set X-Frame-Options
    62.  
    63. Header set X-Frame-Options
    64. Header set X-Frame-Options
    65.  
    66. Header set X-Frame-Options
    67. Header set X-Frame-Options
    68. Header set X-Frame-Options
    69. Header set X-Frame-Options
    70. Header set X-Frame-Options
    71. Header set X-Frame-Options
    72.  
    73. <IfModule mod_headers.c>
    74.  
    75. Header set X-Frame-Options
    76. Header set X-Frame-Options
    77. </FilesMatch>
    78.  
    79. Header set X-Frame-Options
    80. Header set X-Frame-Options
    81. </FilesMatch>
    82.  
    83. </IfModule>
    84.  
    85. <IfModule mod_expires.c>
    86.  
    87. ############################################
    88. ## Add default Expires header
    89. ## http://developer.yahoo.com/performance/rules.html#expires
    90.  
    91. Header set X-Frame-Options
    92.  
    93. Header set X-Frame-Options
    94. Header set X-Frame-Options
    95. Header set X-Frame-Options
    96. </FilesMatch>
    97. Header set X-Frame-Options
    98. Header set X-Frame-Options
    99. Header set X-Frame-Options
    100. Header set X-Frame-Options
    101. Header set X-Frame-Options
    102. Header set X-Frame-Options
    103.  
    104. Header set X-Frame-Options
    105. Header set X-Frame-Options
    106. Header set X-Frame-Options
    107. </FilesMatch>
    108. Header set X-Frame-Options
    109. Header set X-Frame-Options
    110. Header set X-Frame-Options
    111. Header set X-Frame-Options
    112.  
    113. Header set X-Frame-Options
    114. Header set X-Frame-Options
    115. Header set X-Frame-Options
    116. </FilesMatch>
    117. Header set X-Frame-Options
    118. Header set X-Frame-Options
    119. Header set X-Frame-Options
    120. Header set X-Frame-Options
    121. Header set X-Frame-Options
    122.  
    123. Header set X-Frame-Options
    124. Header set X-Frame-Options
    125. Header set X-Frame-Options
    126. </FilesMatch>
    127. Header set X-Frame-Options
    128. Header set X-Frame-Options
    129. Header set X-Frame-Options
    130. Header set X-Frame-Options
    131. Header set X-Frame-Options
    132.  
    133. </IfModule>
    134. Header set X-Frame-Options Header set X-Frame-OptionsHeader set X-Frame-OptionsHeader set X-Frame-Options
      Content