<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteRule ^(.*)api.php - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
	#RewriteCond %{SERVER_PORT}   !^443$
	#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>

# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8
AddType application/javascript .js

# ----------------------------------------------------------------------
# Expires headers (for better cache control)
# ----------------------------------------------------------------------

<IfModule mod_expires.c>
  ExpiresActive on
# Perhaps better to whitelist expires rules? Perhaps.
  ExpiresDefault                          "access plus 0 seconds"
  ExpiresByType text/cache-manifest       "access plus 0 seconds"
  ExpiresByType text/html                 "access plus 0 seconds"
  ExpiresByType text/xml                  "access plus 0 seconds"
  ExpiresByType application/xml           "access plus 0 seconds"
  ExpiresByType application/json          "access plus 0 seconds"
  ExpiresByType application/rss+xml       "access plus 0 seconds"
  ExpiresByType application/atom+xml      "access plus 0 seconds"
  ExpiresByType image/x-icon              "access plus 0 seconds" 
  ExpiresByType image/gif                 "access plus 0 seconds"
  ExpiresByType image/png                 "access plus 0 seconds"
  ExpiresByType image/jpg                 "access plus 0 seconds"
  ExpiresByType image/jpeg                "access plus 0 seconds"
  ExpiresByType video/ogg                 "access plus 0 seconds"
  ExpiresByType audio/ogg                 "access plus 0 seconds"
  ExpiresByType video/mp4                 "access plus 0 seconds"
  ExpiresByType video/webm                "access plus 0 seconds"
  ExpiresByType text/x-component          "access plus 0 seconds"
  ExpiresByType font/truetype             "access plus 0 seconds"
  ExpiresByType font/opentype             "access plus 0 seconds"
  ExpiresByType application/x-font-woff   "access plus 0 seconds"
  ExpiresByType image/svg+xml             "access plus 0 seconds"
  ExpiresByType application/vnd.ms-fontobject "access plus 0 seconds"
  ExpiresByType text/css                  "access plus 0 seconds"
  ExpiresByType application/javascript    "access plus 0 seconds"
  ExpiresByType application/x-javascript  "access plus 0 seconds"
  <IfModule mod_headers.c>
    Header append Cache-Control "public"
  </IfModule>
</IfModule>

# BEGIN Cache-Control Headers
<IfModule mod_headers.c>
	<filesmatch "\\.(ico|jpe?g|png|gif|swf)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>
	<filesmatch "\\.(css)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>
	<filesmatch "\\.(js)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>
	<filesmatch "\\.(jgz)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>
	<filesmatch "\\.(ico)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>	
	<filesmatch "\\.(html)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>	
	<filesmatch "\\.(woff)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>	
	<filesmatch "^(gm_javascript|cseo_css_admin)\\.(php)$">
		Header set Cache-Control "max-age=5, public"
	</filesmatch>
	Header unset ETag
	<filesmatch "\.(js|css|xml|gz|jgz)$">
		Header append Vary: Accept-Encoding
	</filesmatch>
	Header set Strict-Transport-Security "max-age=5" env=HTTPS
</IfModule>

<IfModule mod_deflate.c>
<filesmatch "\\.(js|css|html|htm|php|xml|ttf|woff|woff2)$">
SetOutputFilter DEFLATE
</filesmatch>
# Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/
	<IfModule mod_setenvif.c>
	  <IfModule mod_headers.c>
		SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
		RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
	  </IfModule>
	</IfModule>
</IfModule>

# developer.yahoo.com/performance/rules.html#etags
FileETag None


<ifModule mod_headers.c>
	Header set X-Content-Type-Options: nosniff
	Header set X-Powered-By: nosniff
</ifModule>

<IfModule mod_rewrite.c>
	RewriteEngine On

	# Editieren Sie die untenstehende Zeile wenn ihr Shop in einem Unterordner läuft.
	# Aber auch wenn Sie einen Fehler 500 (Internal Server Error) bekommen.
	# Beispiel: Ist ihr Shop im Verzeichnis www.domain.de/shop ändern Sie die Zeile wie folgt: "RewriteBase /shop/"
	#RewriteBase /
	
	# Javascripte gezip ausliefern
	RewriteCond %{HTTP:Accept-Encoding} gzip
	RewriteCond %{REQUEST_FILENAME}.jgz -f
	RewriteRule (.*)\.js$ $1\.js.jgz [L]
	AddType "text/javascript" .js.jgz
	AddEncoding gzip .jgz
	
	#Sicherheit
	## Begin - Rewrite rules to block out some common exploits.
	# If you experience problems on your site block out the operations listed below
	# Block out any script trying to base64_encode data within the URL.
	RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
	# Block out any script that includes a <script> tag in URL.
	RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
	# Block out any script trying to set a PHP GLOBALS variable via URL.
	RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
	# Block out any script trying to modify a _REQUEST variable via URL.
	RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
	# Return 403 Forbidden header and show the content of the root homepage
	RewriteRule .* index.php [F]
	#
	## End - Rewrite rules to block out some common exploits.
	# Port Scanner
	RewriteCond %{HTTP_USER_AGENT} 					^w00tw00t.at.ISC.SANS.DFind
	RewriteRule ^.*$ 								403.php [L]
	
	# sitemap.xml auf Dynamische umleiten
	RewriteRule ^(.*)sitemap.xml$					sitemap-xml.php [qsappend,L]
	
	# Umleitung auf Adresse mit www, wenn www fehlt und nicht Subdomain und nicht localhost und nicht ssl.webpack.de
	RewriteCond %{HTTP:X-Forwarded-Server} 	!^ssl\.webpack\.de$ [NC]
	RewriteCond %{HTTP:X-Forwarded-Server} 	!^sslsites\.de$ [NC]
	RewriteCond %{HTTP_HOST}   				!^www\..* [NC]
	RewriteCond %{HTTP_HOST}   				!^.*\..*\..* [NC]
	RewriteCond %{HTTP_HOST}   				!^localhost(.*)$ [NC]
	RewriteRule ^(.*)          				http://www.%{HTTP_HOST}/$1 [R=301,L]
	
	# immer auf den root verweisen, damit die Startseite (/index.php) nicht zweimal vorkommt
	# die folgenden beiden Zeilen auskommentieren wenn Sie eine index.html nutzen wollen
	#RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.(html?|php)\ HTTP/
	#RewriteRule ^index\.(html?|php)$ http://%{HTTP_HOST}/ [R=301,L]
	RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)index\.php($|\ |\?)
	#RewriteRule ^ /%1 [R=301,L]
	
	RewriteCond %{REQUEST_FILENAME} -f [OR]
	RewriteCond %{REQUEST_FILENAME} -d

	RewriteRule ^(.+) - [PT,L]

	RewriteCond %{REQUEST_FILENAME} ^(.*)\.(php|css|js|gif|jpg|jpeg|png)$ [NC]
	RewriteRule ^(.+) - [L]
	
	RewriteCond %{REQUEST_URI} (.*)?/admin/(.*)
	RewriteRule ^(.+) - [L]
	
	RewriteCond %{REQUEST_URI} (.*)?/images/(.*)
	RewriteRule ^(.+) - [L]
	
	RewriteCond %{REQUEST_URI} (.*)?/templates/(.*)
	RewriteRule ^(.+) - [L]
	
	
	RewriteCond %{REQUEST_FILENAME} -d
	RewriteRule ^(.+) - [L]
	
	RewriteCond %{REQUEST_FILENAME} -f
	RewriteRule ^(.+) - [L]
	
	RewriteCond %{REQUEST_FILENAME} -l
	RewriteRule ^(.+) - [L]
	
	
	##boosted CONTENT
	RewriteRule (^[a-z]{2})/(.*/)?info/([A-Za-z0-9_/-]+)\.html.* shop_content.php?language=$1&gm_boosted_content=$3&%{QUERY_STRING} [PT,L]
	RewriteRule (.*/)?info/([A-Za-z0-9_/-]+)\.html.* shop_content.php?gm_boosted_content=$2&%{QUERY_STRING} [PT,L]

	##boosted BLOG-ITEMS
	RewriteRule (^[a-z]{2})/(.*/)?blog/([A-Za-z0-9_/-]+)\.html.* blog.php?language=$1&gm_boosted_blogitem=$3&%{QUERY_STRING} [PT,L]
	RewriteRule (.*/)?blog/([A-Za-z0-9_/-]+)\.html.* blog.php?gm_boosted_blogitem=$2&%{QUERY_STRING} [PT,L]
	
	##boosted BLOG-CAT
	RewriteRule (^[a-z]{2})/(.*/)?blog/([A-Za-z0-9_/-]+)/?.* blog.php?language=$1&gm_boosted_blogcat=$3&%{QUERY_STRING} [L]
	RewriteRule (.*)?blog/([A-Za-z0-9_/-]+)/?.* blog.php?gm_boosted_blogcat=$2&%{QUERY_STRING} [L]

	#CSEO OLD
	RewriteRule ^(.*)(.+)404.php$ 404.php [qsappend,L]
	RewriteRule ^(.*)tag/(.*([a-zßöüäA-ZÖÜÄ0-9]))/$ taglisting.php?tag=$1$2 [qsappend,L]
	RewriteRule ^(.*)hashtag/(.*([a-zßöüäA-ZÖÜÄ0-9]))$ hashtags.php?hashtags=$1$2 [qsappend,L]
	RewriteRule ^(.*)keywords/(.*([a-zßöüäA-ZÖÜÄ0-9]))$ advanced_search_result.php?keywords=$1$2 [qsappend,L]
	RewriteRule ^(.*)manufacturer-(.*[0-9])/(.*([a-zßöüäA-ZÖÜÄ0-9]))$ index.php?manufacturers_id=$2 [qsappend,L]
	RewriteRule ^(.*)review-(.*[0-9])/(.*([a-zßöüäA-ZÖÜÄ0-9]))$ product_reviews_info.php?reviews_id=$2 [qsappend,L]
		
	##boosted PRODUCTS
	RewriteRule (^[a-z]{2})/([A-Za-z0-9_/-]+)\.html product_info.php?language=$1&gm_boosted_product=$2&%{QUERY_STRING} [PT,L]
	RewriteRule ([A-Za-z0-9_/-]+)\.html product_info.php?gm_boosted_product=$1&%{QUERY_STRING} [PT,L]
	
	##boosted CATEGORIES
	RewriteRule (^[a-z]{2})/([A-Za-z0-9_/-]+)/?.* index.php?language=$1&gm_boosted_category=$2&%{QUERY_STRING} [L]
	RewriteRule ([A-Za-z0-9_/-]+)/?.* index.php?gm_boosted_category=$1&%{QUERY_STRING} [L]

</IfModule>

ErrorDocument 404 /404.php
ErrorDocument 403 /403.php
