From c50c4d481fc8149fa9ebafbc2949453428e3175a Mon Sep 17 00:00:00 2001
From: Ruben <post@rubensolvang.no>
Date: Fri, 16 Jan 2026 22:02:14 +0100
Subject: [PATCH] Add base URL rewrite rules and secure petition data files

Add base URL rewrite rules for app routing
Secure petition data files with access restrictions
---
 content/.htaccess.base          | 14 ++++++++++++++
 custom/data/petitions/.htaccess |  7 +++++++
 2 files changed, 21 insertions(+)
 create mode 100644 content/.htaccess.base
 create mode 100644 custom/data/petitions/.htaccess

diff --git a/content/.htaccess.base b/content/.htaccess.base
new file mode 100644
index 0000000..5bbdf2e
--- /dev/null
+++ b/content/.htaccess.base
@@ -0,0 +1,14 @@
+DirectorySlash Off
+
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteBase /
+
+    # Route /app requests to index.php
+    RewriteCond %{REQUEST_URI} ^/app/
+    RewriteRule ^(.*)$ /index.php [L,QSA]
+
+    # Don't rewrite if file exists
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteRule ^(.*)$ /index.php [L,QSA]
+</IfModule>
diff --git a/custom/data/petitions/.htaccess b/custom/data/petitions/.htaccess
new file mode 100644
index 0000000..2928f4a
--- /dev/null
+++ b/custom/data/petitions/.htaccess
@@ -0,0 +1,7 @@
+# Deny access to petition data files
+<FilesMatch "\.csv$">
+    Require all denied
+</FilesMatch>
+
+# Also deny directory listing
+Options -Indexes