|
@@ -1,15 +1,28 @@
|
|
|
|
|
+Options -Indexes
|
|
|
|
|
+DirectoryIndex index.php
|
|
|
|
|
+
|
|
|
RewriteEngine On
|
|
RewriteEngine On
|
|
|
RewriteBase /
|
|
RewriteBase /
|
|
|
|
|
|
|
|
-RewriteRule "^\.well-known/" - [L]
|
|
|
|
|
|
|
+# ── Allow .well-known for SSL/ACME challenges ──────────────────────────────
|
|
|
|
|
+RewriteRule ^\.well-known/ - [L]
|
|
|
|
|
|
|
|
-RewriteRule "/\.|^\.(?!well-known/)" - [F]
|
|
|
|
|
|
|
+# ── Block all other dotfiles ───────────────────────────────────────────────
|
|
|
|
|
+RewriteRule (?:^|/)\. - [F,L]
|
|
|
|
|
|
|
|
-RewriteCond %{HTTP_HOST} .
|
|
|
|
|
-RewriteCond %{HTTP_HOST} ^www.(.*)$ [NC]
|
|
|
|
|
-RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
|
|
|
|
|
|
|
+# ── www → non-www (301) ────────────────────────────────────────────────────
|
|
|
|
|
+RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
|
|
|
|
|
+RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
|
|
|
|
|
|
|
|
-# The Friendly URLs part
|
|
|
|
|
-RewriteCond %{REQUEST_FILENAME} !-f
|
|
|
|
|
|
|
+# ── Strip .php from the address bar (GET/HEAD only — POST submissions kept) ─
|
|
|
|
|
+# e.g. /login/login.php → /login/login
|
|
|
|
|
+RewriteCond %{REQUEST_METHOD} ^(GET|HEAD)$
|
|
|
|
|
+RewriteCond %{THE_REQUEST} \s/+(.*?)\.php[\s?]
|
|
|
|
|
+RewriteRule ^ /%2 [R=301,L,QSA]
|
|
|
|
|
+
|
|
|
|
|
+# ── Serve extensionless URLs by mapping to the matching .php file ──────────
|
|
|
|
|
+# e.g. /login/login → /login/login.php (internal, URL stays clean)
|
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
|
-RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
|
|
|
|
|
|
|
+RewriteCond %{REQUEST_FILENAME} !-f
|
|
|
|
|
+RewriteCond %{REQUEST_FILENAME}\.php -f
|
|
|
|
|
+RewriteRule ^(.+?)/?$ $1.php [L]
|
