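# Per-directory Apache configuration for the site root: HTTPS redirect,
# access control, response headers, caching, PHP runtime settings,
# error pages and pretty-URL rewrites.
# The rewrite and header directives are deliberately not wrapped in <IfModule>:
# if mod_rewrite or mod_headers is missing, the site should fail loudly rather
# than silently serve without the HTTPS redirect or the security headers.

# Enable Rewrite Engine
RewriteEngine On
RewriteBase /

# Force HTTPS
# The redirect target reuses the Host header sent by the client. If this vhost
# also answers for unknown host names, pin the canonical host name here instead.
# NOTE(review): behind a TLS-terminating proxy %{HTTPS} is presumably always
# "off" and this rule would loop - confirm the deployment topology.
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Protect sensitive files
# NOTE(review): the source shows the deny directives with no enclosing
# container; applied bare, they refuse every request to the site. The pattern
# below is a reconstruction (dotfiles plus common config/log/dump/backup
# extensions) - replace it with the project's real list.
<FilesMatch "^\.|\.(ini|log|sql|bak)$">
    # Apache 2.4 syntax
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2 syntax, kept for older servers
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Protect directories
# <Directory>/<DirectoryMatch> are not allowed in .htaccess, so private
# directories are refused through mod_rewrite instead. logs/ is listed because
# the PHP error log below is written there.
# NOTE(review): add the project's other non-public directories to the pattern.
RewriteRule ^logs(/|$) - [F,NC]

# Security headers
# "always" also attaches the headers to error responses and redirects; a plain
# "Header set" only covers successful responses.
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
# NOTE(review): X-XSS-Protection is ignored by current browsers and the legacy
# filter it controls had its own weaknesses; the CSP is the effective control.
Header always set X-XSS-Protection "1; mode=block"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
# NOTE(review): 'unsafe-inline' and 'unsafe-eval' in script-src remove most of
# the XSS protection a CSP provides. Moving inline scripts to files, or to
# nonces/hashes, would allow both keywords to be dropped.
# No Strict-Transport-Security header is set; consider adding one once HTTPS is
# confirmed to work for every host name served from here.
Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; connect-src 'self'"

# Cache control
# Limited to static assets. Applied to every response, a one-year "public"
# lifetime would let shared caches store dynamic PHP pages, including ones
# rendered for a logged-in user.
<FilesMatch "\.(css|js|png|jpe?g|gif|svg|ico|woff2?)$">
    Header set Cache-Control "max-age=31536000, public"
</FilesMatch>

# PHP settings
# These directives are only understood when PHP runs as an Apache module;
# under FPM/CGI they cause a 500 and belong in php.ini or .user.ini instead.
php_flag display_errors off
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value max_execution_time 30
php_value max_input_time 60
php_value memory_limit 128M
# PHP constants such as E_ALL are not evaluated in .htaccess; the literal text
# would be read as 0 and switch error reporting off. -1 reports everything.
php_value error_reporting -1
# NOTE(review): relative path - confirm where it resolves and that the log
# file cannot be fetched over HTTP (see the logs/ rule above).
php_value error_log logs/php_errors.log

# Directory protection
Options -Indexes
ServerSignature Off

# Custom error pages
ErrorDocument 404 /404.html
ErrorDocument 403 /403.html
ErrorDocument 500 /500.html

# URL Rewriting Rules
# product ids are limited to digits by the pattern. The two slug patterns accept
# any character except "/", so category.php and blog.php must validate the slug
# before using it in a query or in output.
RewriteRule ^product/([0-9]+)/?$ product.php?id=$1 [NC,L]
RewriteRule ^category/([^/]+)/?$ category.php?slug=$1 [NC,L]
RewriteRule ^blog/([^/]+)/?$ blog.php?slug=$1 [NC,L]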