50 lines
1.2 KiB
ApacheConf
50 lines
1.2 KiB
ApacheConf
# Enable Rewrite Engine
|
|
RewriteEngine On
|
|
RewriteBase /
|
|
|
|
# Force HTTPS
|
|
RewriteCond %{HTTPS} off
|
|
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
|
# Protect sensitive files
|
|
<FilesMatch "^\.env">
|
|
Order allow,deny
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# Protect directories
|
|
<DirectoryMatch "^/.*/(?:logs|backups|cache)/">
|
|
Order allow,deny
|
|
Deny from all
|
|
</DirectoryMatch>
|
|
|
|
# Handle PHP errors
|
|
php_flag display_errors off
|
|
php_value error_reporting E_ALL
|
|
php_value error_log logs/php_errors.log
|
|
|
|
# Security Headers
|
|
Header set X-Content-Type-Options "nosniff"
|
|
Header set X-Frame-Options "SAMEORIGIN"
|
|
Header set X-XSS-Protection "1; mode=block"
|
|
Header set Referrer-Policy "strict-origin-when-cross-origin"
|
|
Header set Permissions-Policy "geolocation=(), microphone=(), camera=()"
|
|
|
|
# Cache Control
|
|
<FilesMatch "\.(jpg|jpeg|png|gif|ico|css|js)$">
|
|
Header set Cache-Control "max-age=31536000, public"
|
|
</FilesMatch>
|
|
|
|
# Prevent directory listing
|
|
Options -Indexes
|
|
|
|
# Custom error pages
|
|
ErrorDocument 404 /404.html
|
|
ErrorDocument 403 /403.html
|
|
ErrorDocument 500 /500.html
|
|
|
|
# URL Rewriting Rules
|
|
RewriteRule ^product/([0-9]+)/?$ product.php?id=$1 [NC,L]
|
|
RewriteRule ^category/([^/]+)/?$ category.php?slug=$1 [NC,L]
|
|
RewriteRule ^blog/([^/]+)/?$ blog.php?slug=$1 [NC,L]
|