-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.htaccess
82 lines (70 loc) · 2.61 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# Disable directory browsing
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
# Enable mod_rewrite
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
</IfModule>
# Handle requests to admin (backend) without exposing /backend/web
<IfModule mod_rewrite.c>
# Deal with admin requests
RewriteCond %{REQUEST_URI} ^/(admin)
RewriteRule ^admin/assets/(.*)$ backend/web/assets/$1 [L]
RewriteRule ^admin/css/(.*)$ backend/web/css/$1 [L]
RewriteRule ^admin/themes/(.*)$ backend/web/themes/$1 [L]
RewriteRule ^admin/images/(.*)$ backend/web/images/$1 [L]
RewriteRule ^admin/uploads/(.*)$ backend/web/uploads/$1 [L]
RewriteRule ^admin/(.*)$ backend/web/$1 [L]
# Redirect backend requests to backend index.php
RewriteCond %{REQUEST_URI} !^/backend/web/(assets|css)/
RewriteCond %{REQUEST_URI} ^/(admin)
RewriteRule ^.*$ backend/web/index.php [L]
# Handle requests to frontend without exposing /frontend/web
RewriteCond %{REQUEST_URI} !^/(frontend|backend)/web/
RewriteRule ^assets/(.*)$ frontend/web/assets/$1 [L]
RewriteRule ^css/(.*)$ frontend/web/css/$1 [L]
RewriteRule ^themes/(.*)$ frontend/web/themes/$1 [L]
RewriteRule ^images/(.*)$ frontend/web/images/$1 [L]
RewriteRule ^uploads/(.*)$ frontend/web/uploads/$1 [L]
RewriteRule ^(.*)$ frontend/web/$1 [L]
# Default route to frontend index.php for other requests
RewriteCond %{REQUEST_URI} !^/(frontend|backend)/web/(assets|css)/
RewriteCond %{REQUEST_URI} !index.php
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ frontend/web/index.php [L]
</IfModule>
# Block access to backup and source files
<FilesMatch "(\.(bak|bat|config|sql|fla|md|psd|ini|log|sh|inc|swp|dist)|~|init|composer\.json|composer\.lock)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Increase cookie security
<IfModule php5_module>
php_value session.cookie_httponly true
</IfModule>
# PHP version handling
<IfModule mime_module>
AddHandler application/x-httpd-ea-php72 .php .php7 .phtml
</IfModule>
# Additional PHP handler for cPanel compatibility
<IfModule mime_module>
AddHandler application/x-httpd-ea-php81 .php .php8 .phtml
</IfModule>
# Allow access for localhost in Apache 2.4 or later
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
# Fallback for Apache versions before 2.4
<IfModule !mod_authz_core.c>
Order allow,deny
Allow from all
</IfModule>
# Enable pretty URLs by hiding index.php
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]