Rearrange filesystem layout, and add configuration files

config/apache/standardebooks.org.conf

@@ -0,0 +1,216 @@
+# Global configuration; see https://securityheaders.com
+Header			set X-UA-Compatible "IE=edge"
+Header			set X-Frame-Options "sameorigin"
+Header			set X-Content-Type-Options "nosniff"
+Header			set X-Xss-Protection "1; mode=block"
+Header			set Referrer-Policy "no-referrer-when-downgrade"
+ServerTokens		prod
+ServerSignature		off
+AddDefaultCharset	utf-8
+UseCanonicalName	on
+LogLevel		warn
+AddOutputFilterByType	deflate	image/svg+xml
+AddType			application/font-woff2	.woff2
+TraceEnable		off
+Protocols		h2 h2c http/1.1
+
+# Set up caching directives for infrequently changed files
+ExpiresActive		On
+ExpiresByType		application/font-woff		"access plus 1 month"
+ExpiresByType		application/font-woff2		"access plus 1 month"
+ExpiresByType		application/javascript		"access plus 1 month"
+ExpiresByType		image/gif			"access plus 1 month"
+ExpiresByType		image/png			"access plus 1 month"
+ExpiresByType		image/jpeg			"access plus 1 month"
+ExpiresByType		image/svg+xml			"access plus 1 month"
+ExpiresByType		image/vnd.microsoft.icon	"access plus 1 month"
+ExpiresByType		image/x-icon			"access plus 1 month"
+ExpiresByType		text/css			"access plus 1 month"
+
+# These lines are a workaround for an Apache bug that prevents mod_deflate, etags, and ExpiresByType working at the same time.
+# This is probably still broken in 18.04.  See https://stackoverflow.com/questions/896974/apache-is-not-sending-304-response-if-mod-deflate-and-addoutputfilterbytype-is
+FileETag	All
+RequestHeader	edit	"If-None-Match" "^\"(.*)-gzip\"$" "\"$1\""
+Header		edit	"ETag" "^\"(.*[^g][^z][^i][^p])\"$" "\"$1-gzip\""
+
+# SSL hardening; see https://mozilla.github.io/server-side-tls/ssl-config-generator/
+SSLProtocol				all -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite				ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
+SSLHonorCipherOrder			on
+SSLCompression				off
+SSLSessionTickets			off
+SSLStaplingCache			shmcb:/var/run/ocsp(128000)
+# SSL Stapling should be off for testing to prevent errors in log files, and on for live
+SSLUseStapling				on
+SSLStaplingResponderTimeout		5
+SSLStaplingReturnResponderErrors	off
+
+Define domain standardebooks.org
+
+<VirtualHost *:80>
+	ServerName		${domain}
+	ServerAlias		www.${domain}
+	RedirectPermanent	/ https://${domain}/
+</VirtualHost>
+
+<VirtualHost *:443>
+	ServerName		${domain}
+	ServerAlias		www.${domain}
+	DocumentRoot		/standardebooks.org/web/www
+	ErrorDocument		404	/404
+	ErrorLog		/var/log/local/www-error.log
+	RewriteEngine		on
+	CustomLog		"|/usr/bin/rotatelogs -f -p /standardebooks.org/scripts/rotate-www-logs /var/log/local/apache/www-access.log 86400"	combined
+
+	SSLEngine on
+	SSLCertificateFile	/etc/letsencrypt/live/${domain}/fullchain.pem
+	SSLCertificateKeyFile	/etc/letsencrypt/live/${domain}/privkey.pem
+	Header			always set Strict-Transport-Security "max-age=15768000"
+
+	# CSP still causes a lot of problems with Firefox (can't use inline CSS debugger, etc.) so disable for now.
+	# Header			set Content-Security-Policy "default-src 'self';"
+
+	# # Below is required to fix a Firefox bug with CSP and SVG images; see https://pokeinthe.io/2016/04/09/black-icons-with-svg-and-csp/
+	# <FilesMatch "\.svg$">
+	# 	Header		set Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline';"
+	# </FilesMatch>
+
+	# Log downloads
+	SetEnvIf Request_URI "\.epub$" logdownload
+	SetEnvIf Request_URI "\.kepub.epub$" logdownload
+	SetEnvIf Request_URI "\.epub3$" logdownload
+	SetEnvIf Request_URI "\.azw3$" logdownload
+	CustomLog /var/log/local/downloads.log "%h [%{%Y-%m-%d %H:%M:%S %Z}t] \"%r\" %>s %b" env=logdownload
+
+	<Directory /standardebooks.org/web/www/>
+		# Disable .htaccess files
+		AllowOverride	none
+
+		# Disable unneeded options
+		Options		none
+
+		# Allow access to www/
+		Require all granted
+
+		# Pass HTTP Authorization headers to PHP-FPM
+		CGIPassAuth on
+	</Directory>
+
+	AddType	application/epub+zip		.epub .epub3
+	AddType	application/x-mobi8-ebook	.azw3
+
+	<Location ~ ^/ebooks/.+?/dist/.+$>
+		# Serve distributables using the "download" dialog instead of opening in-browser
+		# Note: the trailing e in the Header directive is required
+		SetEnvIf Request_URI    ^/ebooks/.+?/dist/(.+)$     FILENAME=$1
+		Header set "Content-Disposition" "attachment; filename=%{FILENAME}e"
+	</Location>
+
+	<Location ~ ^/opds.+?$>
+		DirectoryIndex	index.xml
+	</location>
+
+	# We explicitly set the content-type for items in the /vocab/ directory, because Apache doesn't set it for us,
+	# and we need a content-type header when using the "nosniff" header. See https://bugzilla.mozilla.org/show_bug.cgi?id=1547076
+	<Location ~ ^/vocab/.+$>
+		Header	set Content-Type "text/plain"
+	</location>
+
+	# Enable HTTP CORS so that browser-based readers like Readium can access opds and ebooks
+	# See https://github.com/standardebooks/tools/issues/2
+	<Location ~ /(ebooks|drafts|opds)/>
+		Header		set Access-Control-Allow-Origin "*"
+	</Location>
+
+	# Remove www from requests
+	RewriteCond %{HTTP_HOST}	^www\.(.+) [NC]
+	RewriteRule ^			https://%1%{REQUEST_URI} [R=301,L]
+
+	# PHP-FPM configuration
+	# See https://serverfault.com/questions/450628/apache-2-4-php-fpm-proxypassmatch/510784
+
+	# Forward all PHP requests to the php-fpm pool for this domain.
+	<FilesMatch \.php$>
+		SetHandler "proxy:unix:/run/php/${domain}.sock|fcgi://${domain}"
+	</FilesMatch>
+
+	# Set some proxy properties.
+	<Proxy fcgi://${domain}>
+		ProxySet connectiontimeout=5 timeout=240
+	</Proxy>
+
+	# In case of 404, serve the 404 page specified by ErrorDocument, not the default FPM error page.
+	# Note that we can't use `ProxyErrorOverride on` because that catches ALL 4xx and 5xx HTTP headers
+	# and serves the default Apache page for them.
+	RewriteCond %{REQUEST_FILENAME} \.php$
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
+	RewriteRule (.*)		- [H=text/html]
+
+	# Received: /filename.php and /filename.php exists in filesystem; Result: 301 redirect to /filename and restart request
+	RewriteCond %{REQUEST_FILENAME} \.php$
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} -f
+	RewriteRule ^/(.+)\.php$	/$1 [R=301,L]
+
+	# Received: /filename and /filename.php exists in filesystem; Result: change /filename to /filename.php and continue processing
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-d
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI}.php -f
+	RewriteRule ^([^\.]+)$							$1.php [QSA]
+	# End PHP-FPM configuration
+
+	# Received: /filename and /filename.xml exists in filesystem; Result: rewrite to /filename.xml and end request
+	RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME}.xml -f
+	RewriteRule (.*) $1.xml [L]
+
+	# Favicon rewrites
+	RewriteRule				^/(apple-touch|android-chrome|favicon|mstile|safari-pinned|browserconfig|manifest)([^/]+)$	/images/favicons/$1$2 [L]
+
+	# List of specific URL rewrites
+	RewriteRule				^/ebooks/aristotle/the-nicomachean-ethics(.+)$	/ebooks/aristotle/nicomachean-ethics$1 [R=301,L]
+	RewriteRule				^/ebooks/sir-arthur-conan-doyle(.+)$		/ebooks/arthur-conan-doyle$1 [R=301,L]
+	RewriteRule				^/alices-adventures-in-wonderland.+$		/ebooks/lewis-carroll/alices-adventures-in-wonderland/$1 [R=301,L]
+	RewriteRule				^/ebooks/philip-k-dick/short-stories(.+)$	/ebooks/philip-k-dick/short-fiction$1 [R=301,L]
+	RewriteRule				^/ebooks/benjamin-disraeli/sibyl(.+)$		/ebooks/benjamin-disraeli/sybil$1 [R=301,L]
+	RewriteRule				^/ebooks/lewis-carroll/alices-adventures-in-wonderland/dist/(.+)$		/ebooks/lewis-carroll/alices-adventures-in-wonderland/john-tenniel/dist/$1 [R=301,L]
+	RewriteRule				^/ebooks/lewis-carroll/through-the-looking-glass/dist/(.+)$		/ebooks/lewis-carroll/through-the-looking-glass/john-tenniel/dist/$1 [R=301,L]
+	RewriteRule				^/ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company$ /ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company_george-tolstoy [R=301,L]
+	RewriteRule				^/ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company/(.+?)$ /ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company_george-tolstoy/$1 [R=301,L]
+	RewriteRule				^/ebooks/h-g-wells/tales-of-space-and-time(.+)$		/ebooks/h-g-wells/short-fiction$1 [R=301,L]
+
+	# Remove newline characters inserted by accident in some email clients
+	RewriteRule				^(.*)\r\n[\ ]?(.*)$ 				$1$2 [R=301,N]
+	RewriteRule				^(.*)/r/n[\ ]?(.*)$ 				$1$2 [R=301,N]
+	RewriteRule				^(.*)/[rn]$					$1 [R=301,N]
+
+	# Redirect cover images with caching sha's to the root image
+	# We do this because some sites like Google cache the cover image path, so changing it results in lots of 404s
+	RewriteRule				^/images/covers/(.+?)\-[a-z0-9]{8}\-(cover|hero)(@2x)?\.jpg$	/images/covers/$1-$2$3.jpg
+
+	# Force a trailing slash on author directories
+	RewriteRule				^/(tags|collections|ebooks)/([^\./]+?)$		/$1/$2/ [R=301,L]
+	RewriteRule				^/ebooks/([^\./]+?)/$				/ebooks/author.php?url-path=$1 [QSA]
+	RewriteRule				^/tags/([^\./]+?)/$				/ebooks/index.php?tag=$1 [QSA]
+	RewriteRule				^/collections/([^\./]+?)/$			/ebooks/index.php?collection=$1 [QSA]
+
+	# Prevent this rule from firing if we're getting a distribution file
+	RewriteCond %{REQUEST_FILENAME}		!^/ebooks/.+?/dist/.+$
+	RewriteCond %{REQUEST_FILENAME}		!^/ebooks/.+?/src/.+$
+	RewriteRule				^/ebooks/([^\.]+?)/?$				/ebooks/ebook.php?url-path=$1
+</VirtualHost>
+
+<VirtualHost *:80>
+	ServerName		standardebooks.com
+	ServerAlias		www.standardebooks.com
+	RedirectPermanent	/ https://${domain}/
+</VirtualHost>
+
+<VirtualHost *:443>
+	ServerName		standardebooks.com
+	ServerAlias		www.standardebooks.com
+	RedirectPermanent	/ https://${domain}/
+
+	SSLEngine on
+	SSLCertificateFile	/etc/letsencrypt/live/standardebooks.com/fullchain.pem
+	SSLCertificateKeyFile	/etc/letsencrypt/live/standardebooks.com/privkey.pem
+	Header			always set Strict-Transport-Security "max-age=15768000"
+</VirtualHost>

config/apache/standardebooks.test.conf

@@ -0,0 +1,198 @@
+# Global configuration; see https://securityheaders.com
+Header			set X-UA-Compatible "IE=edge"
+Header			set X-Frame-Options "sameorigin"
+Header			set X-Content-Type-Options "nosniff"
+Header			set X-Xss-Protection "1; mode=block"
+Header			set Referrer-Policy "no-referrer-when-downgrade"
+ServerTokens		prod
+ServerSignature		off
+AddDefaultCharset	utf-8
+UseCanonicalName	on
+LogLevel		warn
+AddOutputFilterByType	deflate	image/svg+xml
+AddType			application/font-woff2	.woff2
+TraceEnable		off
+Protocols		h2 h2c http/1.1
+
+# Set up caching directives for infrequently changed files
+ExpiresActive		On
+ExpiresByType		application/font-woff		"access plus 1 month"
+ExpiresByType		application/font-woff2		"access plus 1 month"
+ExpiresByType		application/javascript		"access plus 1 month"
+ExpiresByType		image/gif			"access plus 1 month"
+ExpiresByType		image/png			"access plus 1 month"
+ExpiresByType		image/jpeg			"access plus 1 month"
+ExpiresByType		image/svg+xml			"access plus 1 month"
+ExpiresByType		image/vnd.microsoft.icon	"access plus 1 month"
+ExpiresByType		image/x-icon			"access plus 1 month"
+ExpiresByType		text/css			"access plus 1 month"
+
+# These lines are a workaround for an Apache bug that prevents mod_deflate, etags, and ExpiresByType working at the same time.
+# This is probably still broken in 18.04.  See https://stackoverflow.com/questions/896974/apache-is-not-sending-304-response-if-mod-deflate-and-addoutputfilterbytype-is
+FileETag	All
+RequestHeader	edit	"If-None-Match" "^\"(.*)-gzip\"$" "\"$1\""
+Header		edit	"ETag" "^\"(.*[^g][^z][^i][^p])\"$" "\"$1-gzip\""
+
+# SSL hardening; see https://mozilla.github.io/server-side-tls/ssl-config-generator/
+SSLProtocol				all -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite				ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
+SSLHonorCipherOrder			on
+SSLCompression				off
+SSLSessionTickets			off
+SSLStaplingCache			shmcb:/var/run/ocsp(128000)
+# SSL Stapling should be off for testing to prevent errors in log files, and on for live
+SSLUseStapling				off
+SSLStaplingResponderTimeout		5
+SSLStaplingReturnResponderErrors	off
+
+Define domain standardebooks.test
+
+<VirtualHost *:80>
+	ServerName		${domain}
+	ServerAlias		www.${domain}
+	RedirectPermanent	/ https://${domain}/
+</VirtualHost>
+
+<VirtualHost *:443>
+	ServerName		${domain}
+	ServerAlias		www.${domain}
+	DocumentRoot		/standardebooks.org/web/www
+	ErrorDocument		404	/404
+	ErrorLog		/var/log/local/www-error.log
+	RewriteEngine		on
+
+	SSLEngine on
+	SSLCertificateFile	/standardebooks.org/web/config/ssl/${domain}.crt
+	SSLCertificateKeyFile	/standardebooks.org/web/config/ssl/${domain}.key
+	Header			always set Strict-Transport-Security "max-age=15768000"
+
+	# CSP still causes a lot of problems with Firefox (can't use inline CSS debugger, etc.) so disable for now.
+	# Header			set Content-Security-Policy "default-src 'self';"
+
+	# # Below is required to fix a Firefox bug with CSP and SVG images; see https://pokeinthe.io/2016/04/09/black-icons-with-svg-and-csp/
+	# <FilesMatch "\.svg$">
+	# 	Header		set Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline';"
+	# </FilesMatch>
+
+	# Log downloads
+	SetEnvIf Request_URI "\.epub$" logdownload
+	SetEnvIf Request_URI "\.kepub.epub$" logdownload
+	SetEnvIf Request_URI "\.epub3$" logdownload
+	SetEnvIf Request_URI "\.azw3$" logdownload
+	CustomLog /var/log/local/downloads.log "%h [%{%Y-%m-%d %H:%M:%S %Z}t] \"%r\" %>s %b" env=logdownload
+
+	<Directory /standardebooks.org/web/www/>
+		# Disable .htaccess files
+		AllowOverride	none
+
+		# Disable unneeded options
+		Options		none
+
+		# Allow access to www/
+		Require all granted
+
+		# Pass HTTP Authorization headers to PHP-FPM
+		CGIPassAuth on
+	</Directory>
+
+	AddType	application/epub+zip		.epub .epub3
+	AddType	application/x-mobi8-ebook	.azw3
+
+	<Location ~ ^/ebooks/.+?/dist/.+$>
+		# Serve distributables using the "download" dialog instead of opening in-browser
+		# Note: the trailing e in the Header directive is required
+		SetEnvIf Request_URI    ^/ebooks/.+?/dist/(.+)$     FILENAME=$1
+		Header set "Content-Disposition" "attachment; filename=%{FILENAME}e"
+	</Location>
+
+	<Location ~ ^/opds.+?$>
+		DirectoryIndex	index.xml
+	</location>
+
+	# We explicitly set the content-type for items in the /vocab/ directory, because Apache doesn't set it for us,
+	# and we need a content-type header when using the "nosniff" header. See https://bugzilla.mozilla.org/show_bug.cgi?id=1547076
+	<Location ~ ^/vocab/.+$>
+		Header	set Content-Type "text/plain"
+	</location>
+
+	# Enable HTTP CORS so that browser-based readers like Readium can access opds and ebooks
+	# See https://github.com/standardebooks/tools/issues/2
+	<Location ~ /(ebooks|drafts|opds)/>
+		Header		set Access-Control-Allow-Origin "*"
+	</Location>
+
+	# Remove www from requests
+	RewriteCond %{HTTP_HOST}	^www\.(.+) [NC]
+	RewriteRule ^			https://%1%{REQUEST_URI} [R=301,L]
+
+	# PHP-FPM configuration
+	# See https://serverfault.com/questions/450628/apache-2-4-php-fpm-proxypassmatch/510784
+
+	# Forward all PHP requests to the php-fpm pool for this domain.
+	<FilesMatch \.php$>
+		SetHandler "proxy:unix:/run/php/${domain}.sock|fcgi://${domain}"
+	</FilesMatch>
+
+	# Set some proxy properties.
+	<Proxy fcgi://${domain}>
+		ProxySet connectiontimeout=5 timeout=240
+	</Proxy>
+
+	# In case of 404, serve the 404 page specified by ErrorDocument, not the default FPM error page.
+	# Note that we can't use `ProxyErrorOverride on` because that catches ALL 4xx and 5xx HTTP headers
+	# and serves the default Apache page for them.
+	RewriteCond %{REQUEST_FILENAME} \.php$
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
+	RewriteRule (.*)		- [H=text/html]
+
+	# Received: /filename.php and /filename.php exists in filesystem; Result: 301 redirect to /filename and restart request
+	RewriteCond %{REQUEST_FILENAME} \.php$
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} -f
+	RewriteRule ^/(.+)\.php$	/$1 [R=301,L]
+
+	# Received: /filename and /filename.php exists in filesystem; Result: change /filename to /filename.php and continue processing
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-d
+	RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI}.php -f
+	RewriteRule ^([^\.]+)$							$1.php [QSA]
+	# End PHP-FPM configuration
+
+	# Received: /filename and /filename.xml exists in filesystem; Result: rewrite to /filename.xml and end request
+	RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME}.xml -f
+	RewriteRule (.*) $1.xml [L]
+
+	# Favicon rewrites
+	RewriteRule				^/(apple-touch|android-chrome|favicon|mstile|safari-pinned|browserconfig|manifest)([^/]+)$	/images/favicons/$1$2 [L]
+
+	# List of specific URL rewrites
+	RewriteRule				^/ebooks/aristotle/the-nicomachean-ethics(.+)$	/ebooks/aristotle/nicomachean-ethics$1 [R=301,L]
+	RewriteRule				^/ebooks/sir-arthur-conan-doyle(.+)$		/ebooks/arthur-conan-doyle$1 [R=301,L]
+	RewriteRule				^/alices-adventures-in-wonderland.+$		/ebooks/lewis-carroll/alices-adventures-in-wonderland/$1 [R=301,L]
+	RewriteRule				^/ebooks/philip-k-dick/short-stories(.+)$	/ebooks/philip-k-dick/short-fiction$1 [R=301,L]
+	RewriteRule				^/ebooks/benjamin-disraeli/sibyl(.+)$		/ebooks/benjamin-disraeli/sybil$1 [R=301,L]
+	RewriteRule				^/ebooks/lewis-carroll/alices-adventures-in-wonderland/dist/(.+)$		/ebooks/lewis-carroll/alices-adventures-in-wonderland/john-tenniel/dist/$1 [R=301,L]
+	RewriteRule				^/ebooks/lewis-carroll/through-the-looking-glass/dist/(.+)$		/ebooks/lewis-carroll/through-the-looking-glass/john-tenniel/dist/$1 [R=301,L]
+	RewriteRule				^/ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company$ /ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company_george-tolstoy [R=301,L]
+	RewriteRule				^/ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company/(.+?)$ /ebooks/nikolai-gogol/short-fiction/claud-field_isabel-f-hapgood_vizetelly-and-company_george-tolstoy/$1 [R=301,L]
+	RewriteRule				^/ebooks/h-g-wells/tales-of-space-and-time(.+)$		/ebooks/h-g-wells/short-fiction$1 [R=301,L]
+
+	# Remove newline characters inserted by accident in some email clients
+	RewriteRule				^(.*)\r\n[\ ]?(.*)$ 				$1$2 [R=301,N]
+	RewriteRule				^(.*)/r/n[\ ]?(.*)$ 				$1$2 [R=301,N]
+	RewriteRule				^(.*)/[rn]$					$1 [R=301,N]
+
+	# Redirect cover images with caching sha's to the root image
+	# We do this because some sites like Google cache the cover image path, so changing it results in lots of 404s
+	RewriteRule				^/images/covers/(.+?)\-[a-z0-9]{8}\-(cover|hero)(@2x)?\.jpg$	/images/covers/$1-$2$3.jpg
+
+	# Force a trailing slash on author directories
+	RewriteRule				^/(tags|collections|ebooks)/([^\./]+?)$		/$1/$2/ [R=301,L]
+	RewriteRule				^/ebooks/([^\./]+?)/$				/ebooks/author.php?url-path=$1 [QSA]
+	RewriteRule				^/tags/([^\./]+?)/$				/ebooks/index.php?tag=$1 [QSA]
+	RewriteRule				^/collections/([^\./]+?)/$			/ebooks/index.php?collection=$1 [QSA]
+
+	# Prevent this rule from firing if we're getting a distribution file
+	RewriteCond %{REQUEST_FILENAME}		!^/ebooks/.+?/dist/.+$
+	RewriteCond %{REQUEST_FILENAME}		!^/ebooks/.+?/src/.+$
+	RewriteRule				^/ebooks/([^\.]+?)/?$				/ebooks/ebook.php?url-path=$1
+</VirtualHost>