# Enable Rewrite Engine RewriteEngine On RewriteBase / # Force HTTPS RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # Protect sensitive files Order allow,deny Deny from all # Protect directories Order allow,deny Deny from all # Handle PHP errors php_flag display_errors off php_value error_reporting E_ALL php_value error_log logs/php_errors.log # Security Headers Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" Header set X-XSS-Protection "1; mode=block" Header set Referrer-Policy "strict-origin-when-cross-origin" Header set Permissions-Policy "geolocation=(), microphone=(), camera=()" # Cache Control Header set Cache-Control "max-age=31536000, public" # Prevent directory listing Options -Indexes # Custom error pages ErrorDocument 404 /404.html ErrorDocument 403 /403.html ErrorDocument 500 /500.html # URL Rewriting Rules RewriteRule ^product/([0-9]+)/?$ product.php?id=$1 [NC,L] RewriteRule ^category/([^/]+)/?$ category.php?slug=$1 [NC,L] RewriteRule ^blog/([^/]+)/?$ blog.php?slug=$1 [NC,L]