Core PHP .htaccess cleanup

August 7, 2025 · AI Conversations

User
# BEGIN WP Rocket v3.12.1
# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset UTF-8
# Force UTF-8 for a number of file formats

AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml

# BEGIN Boxoffice Rules

RewriteEngine On
RewriteBase /

# Allow direct access to API directory
RewriteRule ^api/ – [L]

#checkout stuff
RewriteRule ^success/?$ success.php [L,QSA]

#download stuff
RewriteRule ^download/?$ download.php [L,QSA]

# Don't rewrite for the boxoffice directory
RewriteRule ^boxoffice/ – [L]

# END Boxoffice Rules

# FileETag None is not enough for every server.

Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
Header unset ETag

# Since we're sending far-future expires, we don't need ETags for static content.
# developer.yahoo.com/performance/rules.html#etags
FileETag None

Header set X-Powered-By "WP Rocket/3.12.1"
Header unset Pragma
Header append Cache-Control "public"
Header unset Last-Modified

Header unset Pragma
Header append Cache-Control "public"

AddType image/avif avif
AddType image/avif-sequence avifs

# Expires headers (for better cache control)

ExpiresActive on
ExpiresDefault "access plus 1 month"
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Your document html
ExpiresByType text/html "access plus 0 seconds"
# Data
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
# Feed
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
# Favicon (cannot be renamed)
ExpiresByType image/x-icon "access plus 1 week"
# Media: images, video, audio
ExpiresByType image/gif "access plus 4 months"
ExpiresByType image/png "access plus 4 months"
ExpiresByType image/jpeg "access plus 4 months"
ExpiresByType image/webp "access plus 4 months"
ExpiresByType video/ogg "access plus 4 months"
ExpiresByType audio/ogg "access plus 4 months"
ExpiresByType video/mp4 "access plus 4 months"
ExpiresByType video/webm "access plus 4 months"
ExpiresByType image/avif "access plus 4 months"
ExpiresByType image/avif-sequence "access plus 4 months"
# HTC files (css3pie)
ExpiresByType text/x-component "access plus 1 month"
# Webfonts
ExpiresByType font/ttf "access plus 4 months"
ExpiresByType font/otf "access plus 4 months"
ExpiresByType font/woff "access plus 4 months"
ExpiresByType font/woff2 "access plus 4 months"
ExpiresByType image/svg+xml "access plus 4 months"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"

# Gzip compression

# Active compression
SetOutputFilter DEFLATE
# Force deflate for mangled headers

SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)s*,?s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
# Don't compress images and other uncompressible content
SetEnvIfNoCase Request_URI
.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary

# Compress all output labeled with one of the following MIME-types

AddOutputFilterByType DEFLATE application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/html
text/plain
text/x-component
text/xml

Header append Vary: Accept-Encoding

AddType text/html .html_gzip
AddEncoding gzip .html_gzip

SetEnvIfNoCase Request_URI .html_gzip$ no-gzip

RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} on [OR]
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* – [E=WPR_SSL:-https]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* – [E=WPR_ENC:_gzip]
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_.+|wp-postpass_|wptouch_switch_toggle|comment_author_|comment_author_email_) [NC]
RewriteCond %{REQUEST_URI} !^(/(?:.+/)?feed(?:/(?:.+/?)?)?$|/(?:.+/)?embed/|/(index.php/)?wp-json(/.*|$))$ [NC]
RewriteCond %{HTTP_USER_AGENT} !^(facebookexternalhit|WhatsApp).* [NC]
RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" -f
RewriteRule .* "/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" [L]

# END WP Rocket
# This file was updated by Duplicator on 2017-07-14 17:17:39. See .htaccess.orig for the original .htaccess file.
# Please note that other plugins and resources write to this file. If the time-stamp above is different
# than the current time-stamp on the file system then another resource has updated this file.
# Duplicator only writes to this file once during the install process while running the installer.php file.
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

RewriteEngine On
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /

RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
RewriteCond %{QUERY_STRING} ^event_id=348$
RewriteRule ^buy-tickets/?$ /index.php [R=301,L]

# END WordPress
# BEGIN ShortPixelWebp
# The directives (lines) between "BEGIN ShortPixelWebp" and "END ShortPixelWebp" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

# END ShortPixelWebp

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

# END cPanel-generated php ini directives, do not edit

# php — BEGIN cPanel-generated handler, do not edit
# Set the “ea-php83” package as the default “PHP” programming language.

AddHandler application/x-httpd-ea-php83 .php .php8 .phtml

# php — END cPanel-generated handler, do not edit

# Redirect old Our Acts slug to new one
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php
Now we have removed wordpress and replaced it with core php site so please adjust above .htaccess accordingly

Assistant
Since you've removed WordPress and switched to a core PHP site, the `.htaccess` should be simplified by **removing all WordPress-specific and plugin-generated rules**, while retaining the essentials like:

– Rewrite rules for custom paths (like `/download`, `/success`, etc.)
– GZIP, cache, headers, and MIME configurations
– PHP configuration (from cPanel)
– Redirections

Here’s your cleaned and **core-PHP-friendly `.htaccess`**:

# BEGIN Custom PHP Site .htaccess

# Use UTF-8 encoding for text content
AddDefaultCharset UTF-8
<IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    AddType image/avif avif
    AddType image/avif-sequence avifs
</IfModule>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Allow direct access to API directory
    RewriteRule ^api/ - [L]

    # Checkout logic
    RewriteRule ^success/?$ success.php [L,QSA]

    # Download logic
    RewriteRule ^download/?$ download.php [L,QSA]

    # Don’t rewrite /boxoffice
    RewriteRule ^boxoffice/ - [L]

    # Example of legacy redirect (if needed)
    RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
    RewriteCond %{QUERY_STRING} ^event_id=348$
    RewriteRule ^buy-tickets/?$ /index.php [R=301,L]
</IfModule>

<IfModule mod_headers.c>
    Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
    Header unset ETag
    Header append Vary: Accept-Encoding
</IfModule>

# Disable ETag
FileETag None

# Cache-Control Headers
<IfModule mod_alias.c>
    <FilesMatch ".(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
        <IfModule mod_headers.c>
            Header set X-Powered-By "Custom-PHP"
            Header unset Pragma
            Header append Cache-Control "public"
            Header unset Last-Modified
        </IfModule>
    </FilesMatch>
    <FilesMatch ".(css|js|jpg|jpeg|png|webp|gif|svg|pdf|mp4|woff|woff2|ttf|otf|eot|zip)$">
        <IfModule mod_headers.c>
            Header unset Pragma
            Header append Cache-Control "public"
        </IfModule>
    </FilesMatch>
</IfModule>

# Expires headers for static assets
<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault                              "access plus 1 month"
    ExpiresByType text/html                     "access plus 0 seconds"
    ExpiresByType application/json              "access plus 0 seconds"
    ExpiresByType image/png                     "access plus 4 months"
    ExpiresByType image/jpeg                    "access plus 4 months"
    ExpiresByType image/webp                    "access plus 4 months"
    ExpiresByType image/avif                    "access plus 4 months"
    ExpiresByType text/css                      "access plus 1 year"
    ExpiresByType application/javascript        "access plus 1 year"
    ExpiresByType font/woff2                    "access plus 4 months"
</IfModule>

# Gzip Compression
<IfModule mod_deflate.c>
    SetOutputFilter DEFLATE
    <IfModule mod_setenvif.c>
        SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png|pdf|mp4|zip|webp|avif)$ no-gzip dont-vary
    </IfModule>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE text/plain text/html text/css application/json application/javascript application/xml image/svg+xml
    </IfModule>
</IfModule>

# PHP Settings - cPanel-generated
<IfModule php8_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 3000
   php_value memory_limit 512M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 20M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 3000
   php_value memory_limit 512M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 20M
   php_flag zlib.output_compression Off
</IfModule>

# PHP Handler
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php83 .php .php8 .phtml
</IfModule>

# Legacy Redirects
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php

# END Custom PHP Site .htaccess

### ✅ Summary of What Was Removed:
– `# BEGIN WordPress` to `# END WordPress`
– `# BEGIN WP Rocket` cache-specific rules tied to WordPress
– `# BEGIN ShortPixelWebp` (WordPress plugin)
– Any WordPress login/session-related cookie conditions
– Feed and `wp-json` rewrite exceptions
– Rocket-generated file path rewrites

Let me know if:
– You are keeping any WordPress subfolders (like `/blog/`)
– You need to protect `/admin` or `/api` with extra rules
– You want to apply HTTPS-only or canonical URL redirection (`www` vs non-`www`)

User
# BEGIN WP Rocket v3.12.1
# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset UTF-8
# Force UTF-8 for a number of file formats

AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml

# BEGIN Boxoffice Rules

RewriteEngine On
RewriteBase /

# Allow direct access to API directory
RewriteRule ^api/ – [L]

#checkout stuff
RewriteRule ^success/?$ success.php [L,QSA]

#download stuff
RewriteRule ^download/?$ download.php [L,QSA]

# Don't rewrite for the boxoffice directory
RewriteRule ^boxoffice/ – [L]

# END Boxoffice Rules

# FileETag None is not enough for every server.

Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
Header unset ETag

# Since we're sending far-future expires, we don't need ETags for static content.
# developer.yahoo.com/performance/rules.html#etags
FileETag None

Header set X-Powered-By "WP Rocket/3.12.1"
Header unset Pragma
Header append Cache-Control "public"
Header unset Last-Modified

Header unset Pragma
Header append Cache-Control "public"

AddType image/avif avif
AddType image/avif-sequence avifs

# Expires headers (for better cache control)

ExpiresActive on
ExpiresDefault "access plus 1 month"
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Your document html
ExpiresByType text/html "access plus 0 seconds"
# Data
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
# Feed
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
# Favicon (cannot be renamed)
ExpiresByType image/x-icon "access plus 1 week"
# Media: images, video, audio
ExpiresByType image/gif "access plus 4 months"
ExpiresByType image/png "access plus 4 months"
ExpiresByType image/jpeg "access plus 4 months"
ExpiresByType image/webp "access plus 4 months"
ExpiresByType video/ogg "access plus 4 months"
ExpiresByType audio/ogg "access plus 4 months"
ExpiresByType video/mp4 "access plus 4 months"
ExpiresByType video/webm "access plus 4 months"
ExpiresByType image/avif "access plus 4 months"
ExpiresByType image/avif-sequence "access plus 4 months"
# HTC files (css3pie)
ExpiresByType text/x-component "access plus 1 month"
# Webfonts
ExpiresByType font/ttf "access plus 4 months"
ExpiresByType font/otf "access plus 4 months"
ExpiresByType font/woff "access plus 4 months"
ExpiresByType font/woff2 "access plus 4 months"
ExpiresByType image/svg+xml "access plus 4 months"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"

# Gzip compression

# Active compression
SetOutputFilter DEFLATE
# Force deflate for mangled headers

SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)s*,?s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
# Don't compress images and other uncompressible content
SetEnvIfNoCase Request_URI
.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary

# Compress all output labeled with one of the following MIME-types

AddOutputFilterByType DEFLATE application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/html
text/plain
text/x-component
text/xml

Header append Vary: Accept-Encoding

AddType text/html .html_gzip
AddEncoding gzip .html_gzip

SetEnvIfNoCase Request_URI .html_gzip$ no-gzip

RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} on [OR]
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* – [E=WPR_SSL:-https]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* – [E=WPR_ENC:_gzip]
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_.+|wp-postpass_|wptouch_switch_toggle|comment_author_|comment_author_email_) [NC]
RewriteCond %{REQUEST_URI} !^(/(?:.+/)?feed(?:/(?:.+/?)?)?$|/(?:.+/)?embed/|/(index.php/)?wp-json(/.*|$))$ [NC]
RewriteCond %{HTTP_USER_AGENT} !^(facebookexternalhit|WhatsApp).* [NC]
RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" -f
RewriteRule .* "/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" [L]

# END WP Rocket
# This file was updated by Duplicator on 2017-07-14 17:17:39. See .htaccess.orig for the original .htaccess file.
# Please note that other plugins and resources write to this file. If the time-stamp above is different
# than the current time-stamp on the file system then another resource has updated this file.
# Duplicator only writes to this file once during the install process while running the installer.php file.
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

RewriteEngine On
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /

RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
RewriteCond %{QUERY_STRING} ^event_id=348$
RewriteRule ^buy-tickets/?$ /index.php [R=301,L]

# END WordPress
# BEGIN ShortPixelWebp
# The directives (lines) between "BEGIN ShortPixelWebp" and "END ShortPixelWebp" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

# END ShortPixelWebp

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

# END cPanel-generated php ini directives, do not edit

# php — BEGIN cPanel-generated handler, do not edit
# Set the “ea-php83” package as the default “PHP” programming language.

AddHandler application/x-httpd-ea-php83 .php .php8 .phtml

# php — END cPanel-generated handler, do not edit

# Redirect old Our Acts slug to new one
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php

same apply here

Assistant
Below is the **cleaned and optimized `.htaccess`** file for your **Core PHP setup**, based on the full code you just provided.

### ✅ What’s Done:
– Removed **WordPress-specific rules** (`BEGIN WordPress`, `ShortPixelWebp`, `WP Rocket rewrites`, `Duplicator`).
– Preserved:
– Your **custom routes** (`/success`, `/download`, `/api`, `/boxoffice`).
– GZIP, cache, and headers for performance.
– cPanel PHP settings and handlers.
– Legacy 301 redirects.
– Cleaned and organized for clarity.

### ✅ Final Clean `.htaccess` for Core PHP:

# BEGIN Core PHP Site Configuration

# Use UTF-8 encoding
AddDefaultCharset UTF-8

<IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    AddType image/avif avif
    AddType image/avif-sequence avifs
    AddType text/html .html_gzip
    AddEncoding gzip .html_gzip
</IfModule>

<IfModule mod_headers.c>
    Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
    Header unset ETag
    Header append Vary: Accept-Encoding
</IfModule>

FileETag None

# Caching rules
<IfModule mod_alias.c>
<FilesMatch ".(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
    <IfModule mod_headers.c>
        Header set X-Powered-By "Custom-PHP"
        Header unset Pragma
        Header append Cache-Control "public"
        Header unset Last-Modified
    </IfModule>
</FilesMatch>
<FilesMatch ".(css|js|jpe?g|png|webp|gif|svg|woff2?|ttf|otf|eot|mp4|pdf|zip)$">
    <IfModule mod_headers.c>
        Header unset Pragma
        Header append Cache-Control "public"
    </IfModule>
</FilesMatch>
</IfModule>

# Expires headers
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault "access plus 1 month"
    ExpiresByType text/html "access plus 0 seconds"
    ExpiresByType application/json "access plus 0 seconds"
    ExpiresByType image/png "access plus 4 months"
    ExpiresByType image/jpeg "access plus 4 months"
    ExpiresByType image/webp "access plus 4 months"
    ExpiresByType image/avif "access plus 4 months"
    ExpiresByType text/css "access plus 1 year"
    ExpiresByType application/javascript "access plus 1 year"
    ExpiresByType font/woff2 "access plus 4 months"
</IfModule>

# GZIP compression
<IfModule mod_deflate.c>
    SetOutputFilter DEFLATE
    <IfModule mod_setenvif.c>
        SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png|pdf|mp4|zip|webp|avif)$ no-gzip dont-vary
    </IfModule>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE text/plain text/html text/css application/json application/javascript application/xml image/svg+xml
    </IfModule>
</IfModule>

<IfModule mod_setenvif.c>
    SetEnvIfNoCase Request_URI .html_gzip$ no-gzip
</IfModule>

# Rewrite Rules
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Allow direct access to API directory
    RewriteRule ^api/ - [L]

    # Checkout and download routes
    RewriteRule ^success/?$ success.php [L,QSA]
    RewriteRule ^download/?$ download.php [L,QSA]

    # Don't rewrite for the boxoffice directory
    RewriteRule ^boxoffice/ - [L]

    # Optional legacy query-based redirect
    RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
    RewriteCond %{QUERY_STRING} ^event_id=348$
    RewriteRule ^buy-tickets/?$ /index.php [R=301,L]
</IfModule>

# PHP Configuration - cPanel
<IfModule php8_module>
    php_flag display_errors Off
    php_value max_execution_time 120
    php_value max_input_time 60
    php_value max_input_vars 3000
    php_value memory_limit 512M
    php_value post_max_size 8M
    php_value session.gc_maxlifetime 1440
    php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
    php_value upload_max_filesize 20M
    php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
    php_flag display_errors Off
    php_value max_execution_time 120
    php_value max_input_time 60
    php_value max_input_vars 3000
    php_value memory_limit 512M
    php_value post_max_size 8M
    php_value session.gc_maxlifetime 1440
    php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
    php_value upload_max_filesize 20M
    php_flag zlib.output_compression Off
</IfModule>

# PHP handler
<IfModule mime_module>
    AddHandler application/x-httpd-ea-php83 .php .php8 .phtml
</IfModule>

# Redirects for legacy slugs
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php

# END Core PHP Site Configuration

### ✅ Optional Suggestions
– If you want to **force HTTPS**, I can add that rule.
– If you want to **redirect `www` to non-`www` or vice versa**, I can add that too.
– Let me know if `/index.php` is your homepage, or if you’re using `/home.php`, etc., to adjust rules accordingly.

Let me know if you'd like a downloadable version or help deploying it on your server.

User
# BEGIN WP Rocket v3.12.1
# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset UTF-8
# Force UTF-8 for a number of file formats

AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml

# BEGIN Boxoffice Rules

RewriteEngine On
RewriteBase /

# Allow direct access to API directory
RewriteRule ^api/ – [L]

#checkout stuff
RewriteRule ^success/?$ success.php [L,QSA]

#download stuff
RewriteRule ^download/?$ download.php [L,QSA]

# Don't rewrite for the boxoffice directory
RewriteRule ^boxoffice/ – [L]

# END Boxoffice Rules

# FileETag None is not enough for every server.

Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
Header unset ETag

# Since we're sending far-future expires, we don't need ETags for static content.
# developer.yahoo.com/performance/rules.html#etags
FileETag None

Header set X-Powered-By "WP Rocket/3.12.1"
Header unset Pragma
Header append Cache-Control "public"
Header unset Last-Modified

Header unset Pragma
Header append Cache-Control "public"

AddType image/avif avif
AddType image/avif-sequence avifs

# Expires headers (for better cache control)

ExpiresActive on
ExpiresDefault "access plus 1 month"
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Your document html
ExpiresByType text/html "access plus 0 seconds"
# Data
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
# Feed
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
# Favicon (cannot be renamed)
ExpiresByType image/x-icon "access plus 1 week"
# Media: images, video, audio
ExpiresByType image/gif "access plus 4 months"
ExpiresByType image/png "access plus 4 months"
ExpiresByType image/jpeg "access plus 4 months"
ExpiresByType image/webp "access plus 4 months"
ExpiresByType video/ogg "access plus 4 months"
ExpiresByType audio/ogg "access plus 4 months"
ExpiresByType video/mp4 "access plus 4 months"
ExpiresByType video/webm "access plus 4 months"
ExpiresByType image/avif "access plus 4 months"
ExpiresByType image/avif-sequence "access plus 4 months"
# HTC files (css3pie)
ExpiresByType text/x-component "access plus 1 month"
# Webfonts
ExpiresByType font/ttf "access plus 4 months"
ExpiresByType font/otf "access plus 4 months"
ExpiresByType font/woff "access plus 4 months"
ExpiresByType font/woff2 "access plus 4 months"
ExpiresByType image/svg+xml "access plus 4 months"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"

# Gzip compression

# Active compression
SetOutputFilter DEFLATE
# Force deflate for mangled headers

SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)s*,?s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
# Don't compress images and other uncompressible content
SetEnvIfNoCase Request_URI
.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary

# Compress all output labeled with one of the following MIME-types

AddOutputFilterByType DEFLATE application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/html
text/plain
text/x-component
text/xml

Header append Vary: Accept-Encoding

AddType text/html .html_gzip
AddEncoding gzip .html_gzip

SetEnvIfNoCase Request_URI .html_gzip$ no-gzip

RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} on [OR]
RewriteCond %{SERVER_PORT} ^443$ [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} https
RewriteRule .* – [E=WPR_SSL:-https]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* – [E=WPR_ENC:_gzip]
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP:Cookie} !(wordpress_logged_in_.+|wp-postpass_|wptouch_switch_toggle|comment_author_|comment_author_email_) [NC]
RewriteCond %{REQUEST_URI} !^(/(?:.+/)?feed(?:/(?:.+/?)?)?$|/(?:.+/)?embed/|/(index.php/)?wp-json(/.*|$))$ [NC]
RewriteCond %{HTTP_USER_AGENT} !^(facebookexternalhit|WhatsApp).* [NC]
RewriteCond "%{DOCUMENT_ROOT}/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" -f
RewriteRule .* "/wp-content/cache/wp-rocket/%{HTTP_HOST}%{REQUEST_URI}/index%{ENV:WPR_SSL}%{ENV:WPR_WEBP}.html%{ENV:WPR_ENC}" [L]

# END WP Rocket
# This file was updated by Duplicator on 2017-07-14 17:17:39. See .htaccess.orig for the original .htaccess file.
# Please note that other plugins and resources write to this file. If the time-stamp above is different
# than the current time-stamp on the file system then another resource has updated this file.
# Duplicator only writes to this file once during the install process while running the installer.php file.
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

RewriteEngine On
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /

RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
RewriteCond %{QUERY_STRING} ^event_id=348$
RewriteRule ^buy-tickets/?$ /index.php [R=301,L]

# END WordPress
# BEGIN ShortPixelWebp
# The directives (lines) between "BEGIN ShortPixelWebp" and "END ShortPixelWebp" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

# END ShortPixelWebp

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

php_flag display_errors Off
php_value max_execution_time 120
php_value max_input_time 60
php_value max_input_vars 3000
php_value memory_limit 512M
php_value post_max_size 8M
php_value session.gc_maxlifetime 1440
php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
php_value upload_max_filesize 20M
php_flag zlib.output_compression Off

# END cPanel-generated php ini directives, do not edit

# php — BEGIN cPanel-generated handler, do not edit
# Set the “ea-php83” package as the default “PHP” programming language.

AddHandler application/x-httpd-ea-php83 .php .php8 .phtml

# php — END cPanel-generated handler, do not edit

# Redirect old Our Acts slug to new one
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php

apply above

Assistant
Here is your **cleaned and updated `.htaccess` file**, correctly adjusted for a **Core PHP site (no longer using WordPress)** while **keeping all the valid optimizations and redirections**:

# BEGIN Boxoffice PHP Site Rules

# Use UTF-8 encoding for all text files
AddDefaultCharset UTF-8
<IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    AddType image/avif avif
    AddType image/avif-sequence avifs
</IfModule>

# Rewrite rules
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Direct access for specific folders
    RewriteRule ^api/ - [L]
    RewriteRule ^boxoffice/ - [L]

    # Checkout & download routes
    RewriteRule ^success/?$ success.php [L,QSA]
    RewriteRule ^download/?$ download.php [L,QSA]

    # Legacy redirect
    RewriteCond %{REQUEST_URI} ^/buy-tickets/?$
    RewriteCond %{QUERY_STRING} ^event_id=348$
    RewriteRule ^buy-tickets/?$ /index.php [R=301,L]
</IfModule>

# Security & headers
<IfModule mod_headers.c>
    Header set Content-Security-Policy "frame-ancestors 'self' https://pay.google.com"
    Header unset ETag
    Header append Vary: Accept-Encoding
</IfModule>

# Disable ETag
FileETag None

# Cache control
<IfModule mod_alias.c>
    <FilesMatch ".(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
        <IfModule mod_headers.c>
            Header set X-Powered-By "BoxofficePHP"
            Header unset Pragma
            Header append Cache-Control "public"
            Header unset Last-Modified
        </IfModule>
    </FilesMatch>
    <FilesMatch ".(css|js|jpe?g|png|webp|svg|woff2?|ttf|otf|eot|pdf|mp4|zip)$">
        <IfModule mod_headers.c>
            Header unset Pragma
            Header append Cache-Control "public"
        </IfModule>
    </FilesMatch>
</IfModule>

# Expires headers
<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault "access plus 1 month"

    ExpiresByType text/html                     "access plus 0 seconds"
    ExpiresByType application/json              "access plus 0 seconds"
    ExpiresByType text/css                      "access plus 1 year"
    ExpiresByType application/javascript        "access plus 1 year"
    ExpiresByType image/jpeg                    "access plus 4 months"
    ExpiresByType image/png                     "access plus 4 months"
    ExpiresByType image/webp                    "access plus 4 months"
    ExpiresByType image/avif                    "access plus 4 months"
    ExpiresByType font/woff2                    "access plus 4 months"
    ExpiresByType font/woff                     "access plus 4 months"
    ExpiresByType font/ttf                      "access plus 4 months"
    ExpiresByType font/otf                      "access plus 4 months"
    ExpiresByType image/x-icon                  "access plus 1 week"
</IfModule>

# Gzip Compression
<IfModule mod_deflate.c>
    SetOutputFilter DEFLATE
    <IfModule mod_setenvif.c>
        <IfModule mod_headers.c>
            SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)s*,?s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
            RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
            SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png|pdf|mp4|webp|avif|zip)$ no-gzip dont-vary
        </IfModule>
    </IfModule>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE application/javascript application/json application/xml text/css text/html text/plain image/svg+xml
    </IfModule>
</IfModule>

# HTML Gzip files support
<IfModule mod_mime.c>
    AddType text/html .html_gzip
    AddEncoding gzip .html_gzip
</IfModule>
<IfModule mod_setenvif.c>
    SetEnvIfNoCase Request_URI .html_gzip$ no-gzip
</IfModule>

# PHP version and limits from cPanel
<IfModule php8_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 3000
   php_value memory_limit 512M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 20M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 120
   php_value max_input_time 60
   php_value max_input_vars 3000
   php_value memory_limit 512M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 20M
   php_flag zlib.output_compression Off
</IfModule>

# PHP Handler
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php83 .php .php8 .phtml
</IfModule>

# Permanent Redirects
Redirect 301 /our-acts-2/ /our_acts.php
Redirect 301 /tour-dates/ /index.php
Redirect 301 /corporate/ /corporate.php
Redirect 301 /contact/ /contact.php

# END Boxoffice PHP Site Rules

### ✅ Key Improvements:
– **All WordPress-specific rules (WP Rocket, WP JSON, cookies, feed, ShortPixel)** are removed.
– **Kept Boxoffice-specific rewrites (`success.php`, `download.php`, etc.)**
– **Retained cPanel PHP settings and handler**
– **Retained and cleaned GZIP, cache, expires, and content-security headers**

This `.htaccess` is now fully optimized for a Core PHP environment. You can safely replace your current `.htaccess` with this one.

Let me know if you also need:
– HTTPS redirection (`http` → `https`)
– `www` vs `non-www` redirection
– IP blocking or admin access restriction
– Directory index customization

Leave a Comment

Your email address will not be published. Required fields are marked *