芝麻web文件管理V1.00

编辑当前文件:/home/qrafawbu/abrokyireboyz.com/.htaccess
# ========================== # BASIC SECURITY SETTINGS # ========================== # Disable Directory Listing Options -Indexes # Deny execution of PHP files in /assets/ folder <FilesMatch "^assets/.*\.php$"> Require all denied </FilesMatch> # Deny execution of PHP files in /tickets/ folder (except tickets.php) <FilesMatch "^tickets/(?!tickets\.php$).*\.php$"> Require all denied </FilesMatch> # ========================== # PROTECTION AGAINST COMMON ATTACKS # ========================== # Protect .htaccess itself <Files ".htaccess"> Require all denied </Files> # Protect sensitive files <FilesMatch "\.(env|git|svn|bash|sh|json|lock|ini|log|yaml|yml|sql)$"> Require all denied </FilesMatch> # Protect log files <FilesMatch "(error_log|debug\.log|php_errors\.log)$"> Require all denied </FilesMatch> # ========================== # SECURITY HEADERS # ========================== <IfModule mod_headers.c> Header always append X-Frame-Options SAMEORIGIN Header set X-XSS-Protection "1; mode=block" Header set X-Content-Type-Options "nosniff" </IfModule> # ========================== # URL REWRITING # ========================== RewriteEngine On # Remove "index.php" from URL RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^index\.php/(.*)$ /$1 [L,R=301] # Force HTTPS RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # ========================== # CACHE CONTROL # ========================== <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" </IfModule> # ========================== # COMPRESSION # ========================== <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json </IfModule> # ========================== # HOTLINKING PROTECTION # ========================== RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https://(www\.)?abrokyireboyz\.com [NC] RewriteRule \.(jpg|jpeg|png|gif|svg|webp|ico|bmp)$ - [F,NC] # ========================== # CUSTOM ERROR PAGES # ========================== ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 500 /error/500.html # php -- BEGIN cPanel-generated handler, do not edit # Set the “ea-php73” package as the default “PHP” programming language. <IfModule mime_module> AddHandler application/x-httpd-ea-php73 .php .php7 .phtml </IfModule> # php -- END cPanel-generated handler, do not edit