<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*)$ $1.php
</IfModule>
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
Header set X-Frame-Options "ALLOWALL"
Header set Content-Security-Policy "frame-ancestors *"
</IfModule>
# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   php_flag display_errors Off
   php_value max_execution_time 300
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 1000M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php81"
   php_value upload_max_filesize 512M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 300
   php_value max_input_time 60
   php_value max_input_vars 1000
   php_value memory_limit 1000M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php81"
   php_value upload_max_filesize 512M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit



















# Habilitar RewriteEngine
RewriteEngine On

# Proteger archivos sensibles
<FilesMatch "^(db\.php|actualizacion_bd\.sql)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Redireccionar a HTTPS (recomendado)
# Descomenta las siguientes líneas si tienes certificado SSL:
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Proteger contra listado de directorios
Options -Indexes

# Cabeceras de seguridad adicionales
<IfModule mod_headers.c>
    # Protección XSS
    Header set X-XSS-Protection "1; mode=block"
    
    # Prevenir clickjacking
    Header always append X-Frame-Options SAMEORIGIN
    
    # Prevenir MIME sniffing
    Header set X-Content-Type-Options nosniff
    
    # Para la API, permitir CORS solo desde dominios autorizados
    # (la verificación real se hace en PHP)
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type"
</IfModule>

# Comprimir archivos para mejor rendimiento
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
</IfModule>

# Cache para archivos estáticos
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/svg+xml "access plus 1 month"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
</IfModule>

# Página de error personalizada (opcional)
# ErrorDocument 404 /404.php
# ErrorDocument 403 /403.php
# ErrorDocument 500 /500.php
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php81” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php81 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
