ZiziCache

RC Beta

Join the Beta β

Server Optimization and .htaccess

Updated on 12. 6. 2025

Server Optimization and .htaccess Configuration

Server-Level Optimizations

ZiziCache provides comprehensive server-level optimizations that work across different web server environments to improve website performance and security.

Automatic .htaccess Management

What Gets Optimized

  • Browser caching: Long-term caching for static assets
  • GZIP compression: Reduced bandwidth usage
  • Cache headers: Optimized HTTP headers for performance
  • Security rules: Protection against common attacks
  • Rewrite rules: Efficient cache file serving

Cache File Headers

Optimized headers for cached HTML files:

  • Content-Encoding: Automatic GZIP detection
  • Cache-Control: Intelligent cache control
  • CDN-Cache-Control: CDN-specific headers
  • X-Content-Type-Options: Security headers

Multi-Server Support

Apache Servers (Automatic)

  • Automatic .htaccess file creation
  • Full optimization without manual configuration
  • Dynamic rule updates
  • Complete security implementation

NGINX Servers (Semi-Automatic)

  • Automatic configuration file generation
  • Manual server block integration required
  • Detailed setup instructions provided
  • Sample configuration examples

IIS Servers (Automatic)

  • Automatic web.config file creation
  • Windows hosting compatibility
  • Full optimization support

Security Implementation

Cache Directory Protection

  • PHP execution prevention: Blocks malicious script execution
  • Directory browsing disabled: Prevents file listing
  • Sensitive file blocking: Protects .log, .db, .sql files
  • Access logging: Security monitoring

External Files Security

  • Strict whitelist: Only .css and .js files allowed
  • RCE prevention: Complete PHP execution disabled
  • File type validation: Content-type enforcement
  • Security headers: Additional protection layers

Performance Optimizations

Browser Caching Rules

# Static assets - 1 year cache
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
# HTML files - 1 hour cache
ExpiresByType text/html "access plus 1 hour"

GZIP Compression

  • Text files: HTML, CSS, JavaScript, JSON
  • Fonts: WOFF, WOFF2, TTF, OTF
  • Images: SVG compression
  • Prevent double-compression: Smart detection

Cache Serving Rules

Intelligent Cache Detection

  • Serve cache for GET/HEAD requests only
  • Skip cache for query strings
  • Bypass cache for logged-in users
  • Exclude admin areas automatically

Cache File Management

  • GZIP serving: Automatic compressed file detection
  • MIME type handling: Correct content-type headers
  • Cache tags: CDN integration support
  • Vary headers: Proper cache variation

NGINX Configuration

Cache Directory Configuration

location /wp-content/cache/zizi-cache/ {
    # Allow cache files
    location ~* \.(html|htm|gz)$ {
        expires 1h;
        add_header Cache-Control "public, must-revalidate";
    }
    # Block dangerous files
    location ~* \.(php|db|log)$ {
        deny all;
    }
}

External Files Protection

location /wp-content/cache/zizi-cache/3rd-css-js/ {
    # Allow only CSS and JS
    location ~* \.(css|js)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
    # Block everything else
    location ~* \.(php|txt|log)$ {
        deny all;
        return 403;
    }
}

Automatic Triggers

When Security Rules Are Created

  • Plugin activation: Complete security setup
  • Cache directory creation: Immediate protection
  • External file downloads: Real-time security
  • Configuration updates: Security consistency

Monitoring and Maintenance

Log Monitoring

  • Security violation tracking
  • Performance metric logging
  • Error condition monitoring
  • Access pattern analysis

Regular Maintenance

  • Verify .htaccess files exist and are current
  • Check server error logs for issues
  • Monitor cache hit rates
  • Review security logs for suspicious activity

Troubleshooting

Common Issues

  • 500 errors: Check .htaccess syntax and server compatibility
  • Files not caching: Verify cache headers and expiration rules
  • Security blocks: Review access logs and rule conflicts
  • NGINX issues: Ensure manual configuration is properly implemented

Diagnostic Tools

  • Browser developer tools for header inspection
  • Server error logs for configuration issues
  • Cache testing tools for validation
  • Performance monitoring for optimization verification
What are your feelings