SetOutputFilter DEFLATE # Set XSS Protection header Header set X-XSS-Protection "1; mode=block" # Turn on Expires and set default to 0 ExpiresActive On ExpiresDefault A0 # Set up caching on media files for 1 year (forever?) ExpiresDefault A29030400 Header append Cache-Control "public" # Set up caching on media files for 1 week ExpiresDefault A2592000 Header append Cache-Control "public" # Set up 2 Hour caching on commonly updated files ExpiresDefault A604800 Header append Cache-Control "proxy-revalidate" # Force no caching for dynamic files ExpiresActive Off Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform" Header set Pragma "no-cache" # Add correct content-type for fonts AddType application/vnd.ms-fontobject .eot AddType application/x-font-ttf .ttf AddType application/x-font-opentype .otf AddType application/x-font-woff .woff AddType image/svg+xml .svg # Compress compressible fonts AddOutputFilterByType DEFLATE application/x-font-ttf application/x-font-opentype image/svg+xml ExpiresActive on # Add a far future Expires header for fonts ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType application/x-font-ttf "access plus 1 year" ExpiresByType application/x-font-opentype "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresActive On ExpiresDefault "access plus 1 month" Header set Cache-Control "public, immutable, max-age=31536000, s-maxage=31536000" Header set Access-Control-Allow-Origin "*"