innhold/content/.htaccess

DirectorySlash Off

# Block direct access to content source files
<FilesMatch "\.(ini|md|html|php)$">
    # Allow only the entry point
    <If "%{REQUEST_URI} != '/index.php'">
        Require all denied
    </If>
</FilesMatch>

# Security headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "DENY"
    Header set Referrer-Policy "strict-origin-when-cross-origin"
    Header set Permissions-Policy "camera=(), microphone=(), geolocation=()"
    Header unset X-Powered-By
    Header always unset X-Powered-By
</IfModule>

# Restrict HTTP methods to GET, POST, HEAD
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    RewriteCond %{REQUEST_METHOD} !^(GET|POST|HEAD)$ [NC]
    RewriteRule .* - [F,L]

    # Route /app requests to index.php
    RewriteCond %{REQUEST_URI} ^/app/
    RewriteRule ^(.*)$ /index.php [L,QSA]

    # Don't rewrite if file exists
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ /index.php [L,QSA]
</IfModule>

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   php_value date.timezone "Europe/Paris"
</IfModule>
<IfModule lsapi_module>
   php_value date.timezone "Europe/Paris"
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “alt-php84” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-alt-php84 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
Initial commit 2025-10-02 17:01:55 +02:00			`DirectorySlash Off`

Add security hardening for shared hosting environments Improve session cookie security with HttpOnly and SameSite attributes Add security headers via .htaccess Block direct access to sensitive files Restrict allowed HTTP methods Document cPanel-specific security configuration Add container hardening for ServerTokens and ServerSignature 2026-02-10 23:02:57 +01:00			`# Block direct access to content source files`
			`<FilesMatch "\.(ini\|md\|html\|php)$">`
			`# Allow only the entry point`
			`<If "%{REQUEST_URI} != '/index.php'">`
			`Require all denied`
			`</If>`
			`</FilesMatch>`

			`# Security headers`
			`<IfModule mod_headers.c>`
			`Header set X-Content-Type-Options "nosniff"`
			`Header set X-Frame-Options "DENY"`
			`Header set Referrer-Policy "strict-origin-when-cross-origin"`
			`Header set Permissions-Policy "camera=(), microphone=(), geolocation=()"`
			`Header unset X-Powered-By`
			`Header always unset X-Powered-By`
			`</IfModule>`

			`# Restrict HTTP methods to GET, POST, HEAD`
Initial commit 2025-10-02 17:01:55 +02:00			`<IfModule mod_rewrite.c>`
			`RewriteEngine On`
			`RewriteBase /`
Update app routing to use index.php instead of proxy Remove app proxy rule and add condition to route /app requests to index.php while preserving other existing behavior 2025-10-02 18:43:16 +02:00
Add security hardening for shared hosting environments Improve session cookie security with HttpOnly and SameSite attributes Add security headers via .htaccess Block direct access to sensitive files Restrict allowed HTTP methods Document cPanel-specific security configuration Add container hardening for ServerTokens and ServerSignature 2026-02-10 23:02:57 +01:00			`RewriteCond %{REQUEST_METHOD} !^(GET\|POST\|HEAD)$ [NC]`
			`RewriteRule .* - [F,L]`

Update app routing to use index.php instead of proxy Remove app proxy rule and add condition to route /app requests to index.php while preserving other existing behavior 2025-10-02 18:43:16 +02:00			`# Route /app requests to index.php`
			`RewriteCond %{REQUEST_URI} ^/app/`
			`RewriteRule ^(.*)$ /index.php [L,QSA]`

Initial commit 2025-10-02 17:01:55 +02:00			`# Don't rewrite if file exists`
			`RewriteCond %{REQUEST_FILENAME} !-f`
			`RewriteRule ^(.*)$ /index.php [L,QSA]`
			`</IfModule>`
Update .htaccess for PHP 8.4 compatibility 2025-11-04 23:12:39 +01:00
cPanel PHP INI additions 2026-01-20 21:20:02 +01:00			`# BEGIN cPanel-generated php ini directives, do not edit`
			`# Manual editing of this file may result in unexpected behavior.`
			`# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)`
			`# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)`
			`<IfModule php8_module>`
			`php_value date.timezone "Europe/Paris"`
			`</IfModule>`
			`<IfModule lsapi_module>`
			`php_value date.timezone "Europe/Paris"`
			`</IfModule>`
			`# END cPanel-generated php ini directives, do not edit`
cPanel additions 2026-01-22 20:55:19 +01:00
			`# php -- BEGIN cPanel-generated handler, do not edit`
			`# Set the “alt-php84” package as the default “PHP” programming language.`
			`<IfModule mime_module>`
			`AddHandler application/x-httpd-alt-php84 .php .php8 .phtml`
			`</IfModule>`
			`# php -- END cPanel-generated handler, do not edit`