# --------------------------------------------
# 1. Disable directory listing
Options -Indexes

# --------------------------------------------
# 2. Set default encoding
AddDefaultCharset UTF-8

# --------------------------------------------
# 3. Rewrite URLs to use index.php
<IfModule mod_rewrite.c>
    RewriteEngine On

    # Force HTTPS (optional)
    # RewriteCond %{HTTPS} off
    # RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # Clean URLs (redirect all to index.php)
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^ index.php [QSA,L]
</IfModule>

# --------------------------------------------
# 4. Block access to sensitive files
<FilesMatch "(^\.env|config\.php|error\.log|composer\.json|composer\.lock)">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# --------------------------------------------
# 5. Cache control (optional)
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 30 days"
    ExpiresByType image/jpeg "access plus 30 days"
    ExpiresByType image/png "access plus 30 days"
    ExpiresByType text/css "access plus 7 days"
    ExpiresByType application/javascript "access plus 7 days"
</IfModule>

# --------------------------------------------
# 6. Error handling (optional)
ErrorDocument 403 /error_pages/403.html
ErrorDocument 404 /error_pages/404.html
ErrorDocument 500 /error_pages/500.html
