#.htaccess file for Allmice CMS

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^ index.php [L]
</IfModule>
AddDefaultCharset UTF-8

# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock))$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order allow,deny
  </IfModule>
</FilesMatch>

# Hide directory listings for URLs which map to a directory.
Options -Indexes

# Set the default handler.
DirectoryIndex index.php index.html index.htm

# Avoid duplicate content, if your website can be used with 'www.' subdomain. Use only one of the following redirect options.
# 
# Redirect users to use the site with the 'www.' subdomain,
# (http://example.com will be redirected to http://www.example.com)
# uncomment following lines:
# RewriteCond %{HTTP_HOST} .
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# Redirect users to use the website without the 'www.' subdomain,
# (http://www.example.com will be redirected to http://example.com)
# uncomment following lines:
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]

# Various header fixes.
<IfModule mod_headers.c>
  # Disable content sniffing.
  Header always set X-Content-Type-Options nosniff
  # Disable Proxy header.
  RequestHeader unset Proxy
</IfModule>
