<IfModule mod_rewrite.c>
    # Enable Rewrite Engine
    RewriteEngine On

    # Remove index.php from URL
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [L]

    # Security Headers
    Header always set X-Frame-Options "ALLOWALL"
    Header always set X-Content-Type-Options "nosniff"
    Header always set Content-Security-Policy "frame-ancestors *"

    # Allow CORS (optional, if required for API or external services)
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "GET, POST, OPTIONS"
    Header always set Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization"
</IfModule>

<IfModule !mod_rewrite.c>
    # Redirect all 404 errors to index.php if mod_rewrite is not enabled
    ErrorDocument 404 /index.php
</IfModule>

# Disable directory listing
Options -Indexes

# Set default character encoding
AddDefaultCharset UTF-8
# Cache control for performance optimization
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType application/x-javascript "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 month"
    ExpiresDefault "access plus 1 month"
</IfModule>
# Protect sensitive files
<FilesMatch "\.(htaccess|htpasswd|ini|log|sh|sql|bak)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# PHP settings (optional, customize as needed)
<IfModule mod_php.c>
    php_flag display_errors Off
    php_flag log_errors On
    php_value max_execution_time 300
    php_value memory_limit 256M
    php_value post_max_size 20M
    php_value upload_max_filesize 20M
</IfModule>

