52 líneas
1.6 KiB
ApacheConf
52 líneas
1.6 KiB
ApacheConf
# AleShell .htaccess Configuration
|
|
# This file helps with URL routing and security
|
|
|
|
# Enable URL rewriting
|
|
RewriteEngine On
|
|
|
|
# Security Headers
|
|
<IfModule mod_headers.c>
|
|
Header always set X-Content-Type-Options nosniff
|
|
Header always set X-Frame-Options DENY
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set Referrer-Policy "strict-origin-when-cross-origin"
|
|
</IfModule>
|
|
|
|
# Prevent access to sensitive files
|
|
<FilesMatch "\.(md|json|lock|yml|yaml|xml|log)$">
|
|
Require all denied
|
|
</FilesMatch>
|
|
|
|
# Protect src directory - Alternative method for .htaccess
|
|
RewriteRule ^src/ - [F,L]
|
|
|
|
# API and Auth routing
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^(api|auth)/(.*)$ index.php/$1/$2 [L,QSA]
|
|
|
|
# General routing for non-existent files
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
|
|
|
|
# Disable server signature
|
|
ServerSignature Off
|
|
|
|
# Prevent directory browsing
|
|
Options -Indexes
|
|
|
|
# Cache static files
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresByType text/css "access plus 1 month"
|
|
ExpiresByType application/javascript "access plus 1 month"
|
|
ExpiresByType image/png "access plus 1 month"
|
|
ExpiresByType image/jpg "access plus 1 month"
|
|
ExpiresByType image/jpeg "access plus 1 month"
|
|
ExpiresByType image/gif "access plus 1 month"
|
|
ExpiresByType image/ico "access plus 1 month"
|
|
ExpiresByType image/icon "access plus 1 month"
|
|
ExpiresByType text/ico "access plus 1 month"
|
|
ExpiresByType image/x-icon "access plus 1 month"
|
|
</IfModule> |