# Enable the rewrite engine (mod_rewrite must be loaded; these directives are
# not wrapped in <IfModule>, so a missing module makes every request fail).
RewriteEngine On

# Set the base URL for rewrites: relative substitutions below resolve against /
RewriteBase /

# Front controller: a request that matches neither an existing file (!-f) nor
# an existing directory (!-d) is handed to router.php with the requested path
# in the "path" query parameter. QSA appends the client's original query
# string after it; L ends rule processing for this pass.
# NOTE(review): "path" is client-controlled, and because of QSA a request that
# already carries its own "path=" parameter produces two of them - PHP keeps
# the last one, i.e. the client's. router.php is not visible here; confirm it
# resolves the value against a fixed route table and never uses it to build a
# filesystem or include path.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ router.php?path=$1 [QSA,L]

# Set default character set: adds charset=UTF-8 to text/plain and text/html
# responses that do not declare one, so browsers do not have to guess the
# encoding.
AddDefaultCharset UTF-8

# Long-lived browser caching for static assets (applied only when mod_expires
# is loaded). Each listed type is marked fresh for one year from the time of
# access, so a changed file keeps being served from cache unless its URL
# changes - version or fingerprint asset file names when deploying.
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/css "access plus 1 year"
    ExpiresByType application/javascript "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
</IfModule>

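# Handle security headers (applied only when mod_headers is loaded).
# The "always" condition is used for the security headers so they are also
# attached to error and redirect responses; a plain "Header set" only covers
# successful responses, which leaves 4xx/5xx pages without them.
# NOTE(review): if router.php emits any of these headers itself, a response
# can end up carrying two copies; set each header in one place only.
<IfModule mod_headers.c>
    # Legacy XSS filter switch. Current browsers ignore this header; a
    # Content-Security-Policy is the effective defence and is not set here.
    Header always set X-XSS-Protection "1; mode=block"
    # Prevent MIME-type sniffing
    Header always set X-Content-Type-Options "nosniff"
    # Control framing of the site: only same-origin pages may embed it
    Header always set X-Frame-Options "SAMEORIGIN"
    # Enable HSTS for one year. Browsers act on it only when it arrives over
    # HTTPS. includeSubDomains commits every subdomain to HTTPS for that
    # period, so confirm all of them serve valid TLS before relying on it.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    # No caching for PHP files: keeps dynamic, possibly per-user responses
    # out of browser and intermediary caches.
    <FilesMatch "\.(php)$">
        Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
        Header set Pragma "no-cache"
    </FilesMatch>
</IfModule>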

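# PHP settings for production.
# php_flag / php_value take effect only when PHP runs as an Apache module.
# The module source name is mod_php7.c for PHP 7 and mod_php.c for PHP 8, so
# both are covered; with only the PHP 7 guard the whole block is silently
# skipped after an upgrade and display_errors falls back to the server
# default. Under PHP-FPM or CGI neither block applies - put the same values
# in php.ini or .user.ini there.
<IfModule mod_php7.c>
    # Never show errors to clients (they can reveal paths, queries and stack
    # traces); write them to the error log instead.
    php_flag display_errors Off
    php_flag log_errors On
    # Resource ceilings that bound the cost of a single request
    php_value max_execution_time 30
    php_value max_input_time 60
    php_value memory_limit 128M
    # post_max_size is kept larger than upload_max_filesize so a maximum-size
    # upload still fits in the request body.
    php_value post_max_size 12M
    php_value upload_max_filesize 10M
</IfModule>
<IfModule mod_php.c>
    # Same settings as above, for the PHP 8 Apache module.
    php_flag display_errors Off
    php_flag log_errors On
    php_value max_execution_time 30
    php_value max_input_time 60
    php_value memory_limit 128M
    php_value post_max_size 12M
    php_value upload_max_filesize 10M
</IfModule>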

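# Disable directory browsing.
# Only the relative form is used: Apache 2.4 rejects an Options line that
# mixes an unsigned keyword ("All") with signed ones ("-Indexes"), and "All"
# would also switch on ExecCGI and Includes for this tree. "-Indexes" removes
# auto-generated listings and leaves every other inherited option (including
# the FollowSymLinks setting mod_rewrite needs in this context) untouched.
Options -Indexes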
