Assorted grammar fixes

Author: XhmikosR

.github/CONTRIBUTING.md

@@ -8,7 +8,7 @@ Please take a moment to review this document in order to make the contribution
 process easy and effective for everyone involved.
 
 Following these guidelines helps to communicate that you respect the time of
-the developers managing and developing this open source project. In return,
+the developers managing and developing this open-source project. In return,
 they should reciprocate that respect in addressing your issue or assessing
 patches and features.
 
@@ -41,7 +41,7 @@ Guidelines for bug reports:
 2. **Check if the issue has been fixed** — try to reproduce it using the
    latest `master` or development branch in the repository.
 
-3. **Isolate the problem** — ideally create a [reduced test
+3. **Isolate the problem** — ideally, create a [reduced test
    case](https://css-tricks.com/reduced-test-cases/) and a live example.
 
 A good bug report shouldn't leave others needing to chase you up for more
@@ -123,7 +123,7 @@ included in the project:
 
 4. Commit your changes in logical chunks. Please adhere to these [git commit
    message guidelines](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)
-   or your code is unlikely be merged into the main project. Use Git's
+   or your code is unlikely to be merged into the main project. Use Git's
    [interactive rebase](https://help.github.com/articles/about-git-rebase/)
    feature to tidy up your commits before making them public.
 

CHANGELOG.md

@@ -1,6 +1,6 @@
 ### 3.2.1 (May 8, 2019)
 
-* Fix NPM releasing
+* Fix npm releasing
   [[4b0ee86](https://github.com/h5bp/server-configs-apache/commit/4b0ee8643c2c4f7dafafca82be67dc3309c0b479)]
 
 ### 3.2.0 (May 6, 2019)

README.md

@@ -10,11 +10,11 @@ accessible, if needed, even cross-domain.
 
 ## Getting Started
 
-There are a two options for getting the Apache server configs:
+There are two options for getting the Apache server configs:
 
 * If you have access to the [main server configuration
   file](https://httpd.apache.org/docs/current/configuring.html#main)
-  (usually called `httpd.conf`), you should configure Apache by this way.
+  (usually called `httpd.conf`), you should configure Apache this way.
   This is usually the recommended way, as using `.htaccess` files [slows
   down](https://httpd.apache.org/docs/current/howto/htaccess.html#when)
   Apache!
@@ -53,7 +53,7 @@ Most specific variables are:
   apache2 -t -f httpd.conf
   ```
 
-* To reload Apache and apply new config
+* To reload Apache and apply the new config
 
   ```shell
   apache2ctl reload
@@ -158,7 +158,7 @@ This repository has the following structure:
   * **`basic.conf`**
 
     This file loads a small subset of the rules provided by this repository to add
-    expires headers, allow cross domain fonts and protect system files from web
+    expires headers, allow cross-domain fonts and protect system files from web
     access.
     The `basic.conf` file includes the rules which are recommended to always be
     defined.
@@ -251,7 +251,7 @@ to your settings in the `htaccess.conf` of your project root.
 
 #### Configuration file: `htaccess.conf`
 
-Allows you to define which module to [enable](#enabling-modules) or
+It allows you to define which module to [enable](#enabling-modules) or
 [disable](#disabling-modules) for your project. Just copy the default
 [`htaccess.conf`](https://github.com/h5bp/server-configs-apache/blob/master/bin/htaccess.conf)
 from this repo into your project directory. Adjust to your needs, and/or
@@ -290,7 +290,7 @@ omit  "h5bp/cross-origin/web_fonts.conf"
 
 ##### Enabling modules
 
-For example, the *“Forcing https://”* snippet is disabled by default,
+For example, the *“Forcing `https://`”* snippet is disabled by default,
 although being included in our pre-built `.htaccess`. To enable this
 snippet, change the `disable` keyword to `enable`:
 
@@ -301,7 +301,7 @@ enable "h5bp/rewrites/rewrite_http_to_https.conf"
 ##### Adding custom modules
 
 Imagine you're passing all requests to non-existing files to your
-favourite web framework. The according
+favorite web framework. The according
 [_mod_dir_](https://httpd.apache.org/docs/trunk/mod/mod_dir.html#fallbackresource)
 snippet would go like this:
 
@@ -322,9 +322,10 @@ enable "config/framework_rewrites.conf"
 Dive into your project root and call the build script from wherever you cloned
 the repo. Here are three examples:
 
-**1. Create a default `.htaccess`**  
-in current work directory. An existing `htaccess.conf` in this directory will
-be used; if none is present, the
+1. Create a default `.htaccess`
+
+Create a default `.htaccess` in the current work directory. An existing
+`htaccess.conf` in this directory will be used; if none is present, the
 [**default configuration**](https://github.com/h5bp/server-configs-apache/blob/master/bin/htaccess.conf)
 will apply.
 
@@ -337,8 +338,9 @@ $ path/to/server-configs-apache/bin/build.sh
 [✔] Moved in place: './.htaccess'
 ```
 
-**2. Custom output location**  
-Just add output path and filename as parameter. By the way, if there's an
+2. Custom output location
+
+Just add an output path and filename as a parameter. By the way, if there's an
 existing `.htaccess` file, the build script will create a backup.
 
 ```console
@@ -348,9 +350,10 @@ $ path/to/server-configs-apache/bin/build.sh htdocs/.htaccess
 [✔] Moved in place: 'htdocs/.htaccess'
 ```
 
-**3. Custom `.htaccess` configuration**  
+3. Custom `.htaccess` configuration
+
 Why not maintain your personal `~/htaccess.conf`? This example creates a
-`.htaccess` in current work directory, according to your favourite settings
+`.htaccess` in the current work directory, according to your favorite settings
 you may have stored in your `$HOME` directory:
 
 ```bash

h5bp/internet_explorer/x-ua-compatible.conf

@@ -3,7 +3,7 @@
 # ----------------------------------------------------------------------
 
 # Force Internet Explorer 8/9/10 to render pages in the highest mode
-# available in the various cases when it may not.
+# available in various cases when it may not.
 #
 # https://hsivonen.fi/doctype/#ie8
 #

h5bp/security/file_access.conf

@@ -5,7 +5,7 @@
 # Block access to directories without a default document.
 #
 # You should leave the following uncommented, as you shouldn't allow anyone to
-# surf through every directory on your server (which may includes rather
+# surf through every directory on your server (which may include rather
 # private places such as the CMS's directories).
 
 <IfModule mod_autoindex.c>
@@ -14,7 +14,7 @@
 
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
-# Block access to all hidden files and directories with the exception of the
+# Block access to all hidden files and directories except for the
 # visible content from within the `/.well-known/` hidden directory.
 #
 # These types of files usually contain user preferences or the preserved state

h5bp/security/strict-transport-security.conf

@@ -9,13 +9,13 @@
 # opportunity (the initial HTTP connection) for an attacker to downgrade or
 # redirect the request.
 #
-# The following header ensures that browser only connects to your server
+# The following header ensures that a browser only connects to your server
 # via HTTPS, regardless of what the users type in the browser's address bar.
 #
 # (!) Be aware that Strict Transport Security is not revokable and you
 #     must ensure being able to serve the site over HTTPS for the duration
 #     you've specified in the `max-age` directive. When you don't have a
-#     valid TLS connection anymore (e.g. due to an expired TLS cerfiticate)
+#     valid TLS connection anymore (e.g. due to an expired TLS certificate)
 #     your visitors will see a nasty error message even when attempting to
 #     connect over HTTP.
 #

h5bp/security/trace_method.conf

@@ -4,7 +4,7 @@
 
 # Prevent Apache from responding to `TRACE` HTTP request.
 #
-# The TRACE method, while apparently harmless, can be successfully leveraged
+# The TRACE method, while seemingly harmless, can be successfully leveraged
 # in some scenarios to steal legitimate users' credentials.
 #
 # Modern browsers now prevent TRACE requests being made via JavaScript,

h5bp/security/x-powered-by.conf

@@ -12,7 +12,7 @@
 #    some cases, the information it provides can expose vulnerabilities
 #
 # (!) If you can, you should disable the `X-Powered-By` header from the
-#     language / framework level (e.g.: for PHP, you can do that by setting
+#     language/framework level (e.g.: for PHP, you can do that by setting
 #     `expose_php = off` in `php.ini`).
 #
 # https://php.net/manual/en/ini.core.php#ini.expose-php

h5bp/security/x-xss-protection.conf

@@ -7,8 +7,8 @@
 # (1) Try to re-enable the cross-site scripting (XSS) filter built into most
 #     web browsers.
 #
-#     The filter is usually enabled by default, but in some cases it may be
-#     disabled by the user. However, in Internet Explorer for example, it can be
+#     The filter is usually enabled by default, but in some cases, it may be
+#     disabled by the user. However, in Internet Explorer, for example, it can be
 #     re-enabled just by sending the  `X-XSS-Protection` header with the value
 #     of `1`.
 #

h5bp/web_performance/cache_expiration.conf

@@ -2,7 +2,7 @@
 # | Cache expiration                                                   |
 # ----------------------------------------------------------------------
 
-# Serve resources with far-future expiration date.
+# Serve resources with a far-future expiration date.
 #
 # (!) If you don't control versioning with filename-based cache busting, you
 # should consider lowering the cache times to something like one week.

h5bp/web_performance/pre-compressed_content_gzip.conf

@@ -2,7 +2,7 @@
 # | GZip pre-compressed content                                        |
 # ----------------------------------------------------------------------
 
-# Serve gzip compressed CSS, JS, HTML, SVG, ICS and JSON files if they exist
+# Serve gzip compressed CSS, JS, HTML, SVG, ICS, and JSON files if they exist
 # and if the client accepts gzip encoding.
 #
 # (!) To make this part relevant, you need to generate encoded files by your
@@ -13,7 +13,7 @@
 # (1) Removing default MIME Type for .gz files allowing to add custom
 #     sub-types.
 #     You may prefer using less generic extensions such as .html_gz in order to
-#     keep default behavior regarding .gz files.
+#     keep the default behavior regarding .gz files.
 #     https://httpd.apache.org/docs/current/mod/mod_mime.html#removetype
 
 <IfModule mod_headers.c>

httpd.conf

@@ -55,7 +55,7 @@ Listen 443
 # https://httpd.apache.org/docs/current/mod/core.html#errorlog
 ErrorLog logs/error.log
 
-# Manimum level of messages to be logged to the ErrorLog.
+# Minimum level of messages to be logged to the ErrorLog.
 # Default: warn
 # https://httpd.apache.org/docs/current/mod/core.html#loglevel
 LogLevel warn
@@ -80,7 +80,7 @@ ServerTokens Prod
 Include h5bp/security/server_software_information.conf
 
 # Prevent Apache from responding to `TRACE` HTTP request.
-# The TRACE method, while apparently harmless, can be successfully
+# The TRACE method, while seemingly harmless, can be successfully
 # leveraged in some scenarios to steal legitimate users' credentials.
 # https://httpd.apache.org/docs/current/mod/core.html#traceenable
 TraceEnable Off

vhosts/.000-default.conf

@@ -6,7 +6,7 @@
 #
 # If no default server is defined, Apache will use the first found server.
 # To prevent host header attacks, or other potential problems when an unknown
-# server name is used in a request, it's recommended use en empty virtual host
+# server name is used in a request, it's recommended to use an empty virtual host
 # as the first loaded one.
 
 <VirtualHost *:443>

vhosts/000-no-ssl-default.conf

@@ -6,7 +6,7 @@
 #
 # If no default server is defined, Apache will use the first found server.
 # To prevent host header attacks, or other potential problems when an unknown
-# server name is used in a request, it's recommended use en empty virtual host
+# server name is used in a request, it's recommended to use an empty virtual host
 # as the first loaded one.
 #
 # (1) In production, only secure hosts should be used (all `no-ssl` disabled).

vhosts/templates/example.com.conf

@@ -2,7 +2,7 @@
 # | Config file for example.com host                                   |
 # ----------------------------------------------------------------------
 #
-# This file is a template for a Apache virtual host.
+# This file is a template for an Apache virtual host.
 # This virtual host listens for the `example.com` host and handles requests.
 # Replace `example.com` with your hostname before enabling.