Apache disable caching except jpe?g|png|gif|js|css - regex

Here is how I enabled cache for images, JavaScript and CSS in Apache httpd.conf
<IfModule mod_expires.c>
<FilesMatch "\.(jpe?g|png|gif|js|css)">
ExpiresActive On
ExpiresDefault "access plus 7 day"
FileETag None
</FilesMatch>
</IfModule>
My question is how to form FilesMatch regex negative-assertions to get result no-cache for everything except images, JavaScript and CSS. Below does not work.
# DISABLE ALL CACHING EXCEPT IMAGES,JAVASCRIPT AND CSS
<FilesMatch "\.?!(jpe?g|png|gif|js|css)$">
FileETag None
<IfModule mod_headers.c>
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Note "CACHING IS DISABLED"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</IfModule>
</FilesMatch>

Untested, but I think this should be (?<!\.(html|htm|js|css|json))$. See the question I linked as a duplicate for more details.

Related

Apache2.4 gzip compression on Solaris 11

I have created Angular App for which I am facing performance issues as my main.js file size is 3.76 MB. So I looked for enabling gzip compression on server. It worked for Apache in windows but not for Solaris 11.
So is there a different way to enable compression on Solaris 11 for Apache-2.4.
On Windows I enabled compression for Apache Server by uncommenting following module line inside httpd.conf of Apache and file size reduced to 680KB
LoadModule deflate_module modules/mod_deflate.so
And adding following at the end of httpd.conf file
<IfModule mod_deflate.c>
<FilesMatch "\.(html|txt|css|js|php|pl)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
For Solaris I tried same but it's not working. JS files transferred size and resource size is still same.
Also tried to put .htaccess file in root of my app with following lines
<Directory /var/apache2/2.4/htdocs/>
<IfModule mod_mime.c>
AddType application/x-javascript .js
AddType text/css .css
</IfModule>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/plain text/xml application/javascript
<IfModule mod_setenvif.c>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch bMSIE !no-gzip !gzip-only-text/html
</IfModule>
</IfModule>
Header append Vary User-Agent env=!dont-vary
</Directory>
Anyone has any ideas about how to get it worked for Solaris 11 for Apache 2.4
Thanks in Advance.

Ansible lineinfile - apache virtual host block

I am trying to manage my apache http virtual host configuration file by ansible. I would like to insert a new line at a certain point in the file. Unfortunately, my ansible configuration is not right, because ansible always inserts the new line at the end of the file.
Here's the line I want to insert:
Header edit Set-Cookie (ADRU.*=.*);\s?HttpOnly$ $1
And that's the ansible task configuration I'm using. So as you can see I woud like to insert the new line before line 37, when the comment '# each header ...' starts.
- lineinfile:
path: /somewhere/default.conf
regexp: '^[ ]Header edit Set-Cookie (ADRU.*=.*);\s?HttpOnly$ $1'
insertbefore: '^[ \t]# each header may be up to 12392 bytes. This is the SPNEGO authentication header size limit.'
line: 'Header edit Set-Cookie (ADRU.*=.*);\s?HttpOnly$ $1'
And that's the default.conf
<VirtualHost 0.0.0.0:${JIVE_HTTPD_PORT}>
DocumentRoot "${JIVE_HOME}/var/www"
ErrorDocument 404 /___sbsstatic___/404.html
ErrorDocument 500 /___sbsstatic___/500.html
ErrorDocument 501 /___sbsstatic___/catchall.html
ErrorDocument 502 /___sbsstatic___/catchall.html
ErrorDocument 503 /___sbsstatic___/maintenance.html
ErrorDocument 504 /___sbsstatic___/maintenance.html
ErrorDocument 505 /___sbsstatic___/catchall.html
<Directory />
Options FollowSymLinks
Require all denied
</Directory>
<Directory ${JIVE_HOME}/applications/*/home/www>
Options FollowSymLinks
Require all granted
</Directory>
<Directory ${JIVE_HOME}/var/www/resources>
Options -Indexes
</Directory>
LogLevel info
CustomLog "${LOG_DIR}/jive-httpd-access.log" common
ErrorLog "${LOG_DIR}/jive-httpd-error.log"
RequestHeader set X-Forwarded-Secure "false"
ProxyRequests Off
ProxyPreserveHost on
Header edit Set-Cookie "(?<!;\sHttpOnly)$" ";HttpOnly"
# The JCAPI-Token (CSRF protection via double-submit cookie) needs to accessible, so strip HttpOnly
Header edit Set-Cookie (JCAPI-Token=.*);\s?HttpOnly$ $1
# each header may be up to 12392 bytes. This is the SPNEGO authentication header size limit.
LimitRequestFieldsize 12392
RewriteEngine On
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/images/(.*)$ /images/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/scripts/(.*)$ /scripts/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/styles/(.*)$ /styles/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/resources/(.*)$ /resources/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/__services/(.*)$ /__services/$1 [PT]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
# Replace double dashes on project urls to keep old links working on updated instances
RewriteRule ^(.*/projects/.*)--(.*)$ $1-$2 [L,R=301]
CacheMaxFileSize 5242880
CacheEnable mem /images/
CacheEnable mem /scripts/
CacheEnable mem /styles/
CacheEnable mem /resources/
CacheIgnoreHeaders Set-Cookie X-JIVE-USER-ID
# Header unset X-JIVE-USER-ID
ExpiresActive On
ExpiresDefault "now"
ExpiresByType image/gif "access plus 10 years"
ExpiresByType image/png "access plus 10 years"
ExpiresByType image/jpeg "access plus 10 years"
ExpiresByType image/x-icon "access plus 10 years"
ExpiresByType text/css "access plus 10 years"
ExpiresByType application/javascript "access plus 10 years"
ExpiresByType application/x-shockwave-flash "access plus 10 years"
<LocationMatch "\.(woff|eot|ttf|svg)$">
ExpiresDefault "access plus 10 years"
</LocationMatch>
ProxyPass /___sbsstatic___/ !
ProxyPass /images/ !
ProxyPass /styles/ !
ProxyPass /scripts/ !
ProxyPass /resources/scripts/ !
ProxyPass /resources/images/ !
ProxyPass /resources/styles/ !
ProxyPass /resources/statics/ !
Include sites/proxies/*.conf
Include sites/conf.d/*.conf
</VirtualHost>
<IfDefine SSL>
Listen ${SSL_PORT}
<VirtualHost 0.0.0.0:${SSL_PORT}>
DocumentRoot "${JIVE_HOME}/var/www"
ErrorDocument 404 /___sbsstatic___/404.html
ErrorDocument 500 /___sbsstatic___/500.html
ErrorDocument 501 /___sbsstatic___/catchall.html
ErrorDocument 502 /___sbsstatic___/catchall.html
ErrorDocument 503 /___sbsstatic___/maintenance.html
ErrorDocument 504 /___sbsstatic___/maintenance.html
ErrorDocument 505 /___sbsstatic___/catchall.html
<Directory />
Options FollowSymLinks
Require all granted
SSLRequireSSL
</Directory>
<Directory ${JIVE_HOME}/var/www/resources>
Options -Indexes
</Directory>
LogLevel info
CustomLog "${LOG_DIR}/jive-httpd-ssl-access.log" common
ErrorLog "${LOG_DIR}/jive-httpd-ssl-error.log"
RequestHeader set X-Forwarded-Secure "true"
ProxyRequests Off
ProxyPreserveHost On
RewriteEngine On
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/images/(.*)$ /images/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/scripts/(.*)$ /scripts/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/styles/(.*)$ /styles/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/resources/(.*)$ /resources/$1
RewriteRule ^/[0-9]\.[0-9]\.[0-9]{1,3}\.[0-9a-f]{1,10}/__services/(.*)$ /__services/$1 [PT]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
# Replace double dashes on project urls to keep old links working on updated instances
RewriteRule ^(.*/projects/.*)--(.*)$ $1-$2 [L,R=301]
CacheMaxFileSize 5242880
CacheEnable mem /styles/
CacheEnable mem /images/
CacheEnable mem /scripts/
CacheEnable mem /resources/
CacheIgnoreHeaders Set-Cookie X-JIVE-USER-ID
# Header unset X-JIVE-USER-ID
ExpiresActive On
ExpiresDefault "now"
ExpiresByType image/gif "access plus 10 years"
ExpiresByType image/png "access plus 10 years"
ExpiresByType image/jpeg "access plus 10 years"
ExpiresByType image/x-icon "access plus 10 years"
ExpiresByType text/css "access plus 10 years"
ExpiresByType application/javascript "access plus 10 years"
ExpiresByType application/x-shockwave-flash "access plus 10 years"
<LocationMatch "\.(woff|eot|ttf|svg)$">
ExpiresDefault "access plus 10 years"
</LocationMatch>
ProxyPass /___sbsstatic___/ !
ProxyPass /images/ !
ProxyPass /styles/ !
ProxyPass /scripts/ !
ProxyPass /resources/scripts/ !
ProxyPass /resources/images/ !
ProxyPass /resources/styles/ !
ProxyPass /resources/statics/ !
Include sites/proxies/*.conf
Include sites/conf.d/*.conf
SSLEngine on
SSLCipherSuite ALL:!ADH:!LOW:!EXP:!SSLv2:!NULL:RC4:RSA:HIGH:MEDIUM
SSLCertificateFile "${SSL_CERTIFICATE_FILE}"
SSLCertificateKeyFile "${SSL_CERTIFICATE_KEY_FILE}"
</VirtualHost>
</IfDefine>
It seems to be an issue with your insertbefore regex, specifically with the part [ \t].
I would go with \s* instead, which means one or more of any whitespace characters.
Also, you are using . as a token, not as an actual character of dot. You should escape it.
So it would be:
insertbefore: '^\s*# each header may be up to 12392 bytes\. This is the SPNEGO authentication header size limit\.'
I recommend website regex101.com where you can do online check of your regex with break-down explanation of your regex pattern.
Your specific inputs with my suggestions are pre-filled in this link.
An option would be to use template and put configurations of virtual hosts to separate files
- name: "httpd-vhosts: Configure virtual hosts in {{ apache_conf_path }}/extra/"
template:
src: "vhost.j2"
dest: "{{ apache_conf_path }}/extra/{{ item.ServerName }}.conf"
....
and include these files in httpd.conf
- name: "httpd-vhosts: Incl virtual hosts in {{ apache_conf_path }}/httpd.conf"
lineinfile:
dest: "{{ apache_conf_path }}/httpd.conf"
regexp: "^Include etc/apache{{ apache_version }}/extra/{{ item.ServerName }}.conf"
line: "Include etc/apache{{ apache_version }}/extra/{{ item.ServerName }}.conf"
...
Details are available in httpd-vhosts.yml and vhost.j2. FWIW, here is the Apache Galaxy role.

Need for character escaping in Apache FilesMatch

should the dot character be escaped in this situation:
<FilesMatch "^/(app.csv|translation.csv*)$">
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</FilesMatch>
Such as:
<FilesMatch "^/(app\.csv|translation\.csv*)$">
Or is Apache able to understand that this is a file extension?

Cache control by htaccess with condition

I have cache control set by htaccess for all images by this
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A600
ExpiresByType image/gif A604800
ExpiresByType image/png A604800
ExpiresByType image/jpeg A604800
</IfModule>
It works great, but I have also pictures from web camera, which change every 20 minutes. So I need to cache all images except these from camera.
I can write regular expression for those from web camera, they have name which others pictures never can have. But how to put there some condition?
You can disable cache for certain matching files :
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A600
ExpiresByType image/gif A604800
ExpiresByType image/png A604800
ExpiresByType image/jpeg A604800
</IfModule>
# disable caching for IMG_20130420_535615.jpg type of files
<FilesMatch "IMG_[0-9]+_[0-9]+\.jpg$">
FileETag None
<ifModule mod_headers.c>
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Tue, 14 Jan 1975 01:00:00 GMT"
</ifModule>
</FilesMatch>

Some questions about caching

I am using apache webserver for a django application. How, do I set caching for images and css? I ran a webpagetest on my website, and it says "expiration not specified" for css and images. But, when I use Firebug, for css files, firebug shows requests and response headers, as well as in cache tab it shows
Device: Disk
and no requests are shown for images. So, I am a bit confused. Whats happening here.?
I usually have this config for django static files in my apache vhost :
Alias /static/ "/home/django/projectName/static/"
<Directory "/home/django/projectName/static">
Order allow,deny
Allow from all
Options +FollowSymLinks
ExpiresActive On
ExpiresByType image/gif A1209600
ExpiresByType image/jpeg A1209600
ExpiresByType image/png A1209600
ExpiresByType text/css A1209600
ExpiresByType text/javascript A1209600
ExpiresByType application/x-javascript A1209600
<FilesMatch "\.(css|js|gz|png|gif|jpe?g|flv|swf|ico|pdf|txt|html|htm)$">
ContentDigest On
FileETag MTime Size
</FilesMatch>
</Directory>
Remember to not use the django static.serve view in production.
Also use Ctrl+Shift+R to do a full reload in Firefox (override cache)