AddType font/woff .woff

<files .htaccess>
order allow,deny
deny from all
</files>

Options -Indexes

<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteCond %{HTTP:accept-encoding} gzip
	RewriteCond %{HTTP_USER_AGENT} !Safari
	RewriteCond %{REQUEST_FILENAME} !^.+.gz$
	RewriteCond %{REQUEST_FILENAME}.gz -f
	RewriteRule ^(.+) $1.gz [QSA,L]
</IfModule>

<ifmodule mod_gzip.c>
	mod_gzip_on Yes
	mod_gzip_dechunk Yes
	mod_gzip_keep_workfiles No
	mod_gzip_can_negotiate Yes
	mod_gzip_add_header_count Yes
	mod_gzip_send_vary Yes
	mod_gzip_command_version ‘/mod_gzip_status’
	mod_gzip_min_http 1000
	mod_gzip_minimum_file_size 300
	mod_gzip_maximum_file_size 512000
	mod_gzip_maximum_inmem_size 60000
	mod_gzip_handle_methods GET POST
	mod_gzip_temp_dir /tmp
	mod_gzip_item_include file .woff2$
	mod_gzip_item_include file .woff$
	mod_gzip_item_include file .eot$
	mod_gzip_item_include file .svg$
	mod_gzip_item_include file .ttf$
</ifmodule>

Header unset ETag
FileETag none

<ifmodule mod_headers.c>
	<filesmatch "\.(woff2?|svg|ttf|eot)$">
		Header set Access-Control-Allow-Origin *
		Header set Alt-Svc "clear"
		Header set Access-Control-Allow-Methods: GET
		Header set Cross-Origin-Opener-Policy same-origin
		Header set Cross-Origin-Resource-Policy same-site
		Header set X-Content-Type-Options nosniff
		Header set Timing-Allow-Origin *
		Header set X-XSS-Protection "1; mode=block"
		Header set X-Frame-Options "SAMEORIGIN"
		Header unset pragma
	</filesmatch>
	<filesmatch "\.(woff2|svg)$">
		Header set Cache-Control "max-age=31536000, public"
	</filesmatch>
	<filesmatch "\\.(woff|eot|ttf)$">
		Header set cache-control "no-cache"
		Header set Pragma "no-cache"
		Header set Expires "-1"
		Header unset Cache-Control
		Header unset pragma
	</filesmatch>
</ifmodule>

<ifmodule mod_expires.c>
	ExpiresActive On
	ExpiresByType font/woff2 "access plus 31536000 seconds"
	ExpiresByType image/svg+xml "access plus 31536000 seconds"
</ifmodule>
