.htaccess
# HTACCESS CACHE MODE (PRODUCTION)
# Turn off automatic directory listings for directories without an index file.
Options -Indexes
RewriteEngine on
# Front controller: a request that does not resolve to an existing file (-f),
# directory (-d) or symbolic link (-l) is handed to index.php, with the
# requested path appended as path info.
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-l
# NOTE(review): this rule has no [L] flag, so the blog rule below is still
# evaluated after it - confirm that is intended.
RewriteRule ^(.*)$ index.php/$1
# custom domain for blog
#RewriteCond %{HTTP_HOST} ^blog\.webmanajemen\.com [NC]
#RewriteRule ^(.*)$ etc/blog/index.php [NC,QSA]
# Requests whose Host header starts with blog.php.io are routed to the blog
# entry point. No file-existence condition guards this rule, so on that host
# every path (existing static files included) is rewritten.
# NOTE(review): the host pattern is anchored only at the start, so a Host value
# that merely begins with "blog.php.io" also matches; anchor the end of the
# pattern if only the exact host should be accepted.
RewriteCond %{HTTP_HOST} ^blog\.php\.io [NC]
RewriteRule ^(.*)$ etc/blog/index.php [NC,QSA]
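# Access rules for individual files.
# They are kept OUTSIDE <IfModule mod_headers.c>: access control does not need
# mod_headers, and wrapping it in that test made the deny rule below vanish
# silently (fail open) on a server where mod_headers is not loaded.
# Order/Allow/Deny are Apache 2.2 directives; on 2.4 they are provided by
# mod_access_compat ("Require all denied" / "Require all granted" are the
# native 2.4 forms).
# Sections are applied in order of appearance and a later matching section
# overrides an earlier one, so the order below is significant.
# allow index.php
<FilesMatch "index\.php$">
Order Allow,Deny
Allow from all
</FilesMatch>
# restrict direct access files
# NOTE(review): this is a denylist. Any sensitive file whose extension is not
# listed here (for example environment files, database dumps or editor backups)
# is still served if it sits under the web root; keep such files outside the
# document root where possible.
<FilesMatch "\.(?:inc|ini|sh|py|java|jar|har|json|bat|zip|tgz|tar|rar|txt|htaccess)$">
Order allow,deny
Deny from all
</FilesMatch>
# javascript
<FilesMatch "\.(?:mjs|js)$">
Order Allow,Deny
Allow from all
</FilesMatch>
# allow static web files
<FilesMatch ".*\.(css|js|png|jpg|gif|jpeg|bmp|ico|woff|woff2|otf|map)$">
Order Allow,Deny
Allow from all
</FilesMatch>
# allow site manifest
# This re-opens access after the ".json" deny above. The pattern matches every
# file name that ends in "manifest.json", not only a file called exactly that.
<FilesMatch "(manifest\.json)$">
Order Allow,Deny
Allow from all
</FilesMatch>
# Response headers for the same file groups; only these need mod_headers.
<IfModule mod_headers.c>
# set allow cors
# Any origin may read these static assets cross-origin (this includes ".map"
# source maps). Do not extend this pattern to responses that depend on the
# user's session.
<FilesMatch "\.(css|js|png|jpg|gif|jpeg|bmp|ico|woff|woff2|otf|map|ttf|eot|svg)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
# javascript
<FilesMatch "\.(?:mjs|js)$">
Header set Content-type "application/javascript; charset=utf-8"
</FilesMatch>
# site manifest
<FilesMatch "(manifest\.json)$">
Header set Content-type "application/json; charset=utf-8"
</FilesMatch>
</IfModule>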
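<IfModule mod_headers.c>
# Cookie hardening: every Set-Cookie header leaves the server with
# SameSite=strict and Secure.
#
# The previous version of this block ended with an <If> section that appended
# ";SameSite=None;Secure" for every user agent except some older iOS/macOS
# Safari releases. That left two SameSite attributes on one cookie, and
# browsers that follow the current cookie specification honour the last one,
# so the "strict" setting below was effectively replaced by "None" for most
# clients. That section is removed so that the policy stated here is the one
# browsers apply.
# NOTE(review): if a cookie really must be sent on cross-site requests, give
# that one cookie its own explicit rule instead of relaxing all of them.
#
# always is similar to "onerrors"
Header always edit Set-Cookie (.*) "$1; SameSite=strict"
# success is similar to http 2xx response code
Header onsuccess edit Set-Cookie (.*) "$1; SameSite=strict"
# remove duplications (apache sends from both tables always and onsuccess)
## https://www.tunetheweb.com/security/http-security-headers/secure-cookies/
#Strip off double SameSite=strict settings as using above you can sometimes get both
Header edit Set-Cookie ^(.*);\s?SameSite=strict;?\s?(.*);\s?SameSite=strict;?\s?(.*)$ "$1; $2; $3; SameSite=strict"
#Strip off double ;; settings
Header edit Set-Cookie ^(.*);\s?;\s?(.*)$ "$1; $2"
# Add Secure unless the cookie already carries it (the negative lookahead skips
# cookies that have a ";Secure" attribute). The removed section already added
# Secure for most clients, so this assumes the site is served over HTTPS.
Header always edit Set-Cookie ^(?!.*;\s*[Ss]ecure)(.*)$ "$1; Secure"
Header onsuccess edit Set-Cookie ^(?!.*;\s*[Ss]ecure)(.*)$ "$1; Secure"
</IfModule>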
# BEGIN Expire headers
# Browser-cache lifetimes, applied only when mod_expires is loaded.
<IfModule mod_expires.c>
# Turn on the module.
ExpiresActive on
# Set the default expiry times.
# ExpiresDefault applies to every response whose content type has no
# ExpiresByType line below.
# NOTE(review): that presumably includes pages produced by index.php. Confirm
# that personalised or authenticated responses send their own no-store /
# private caching headers so they are not kept by intermediate caches.
ExpiresDefault "access plus 2 days"
ExpiresByType image/jpg "access plus 1 month"
# "plus" is left out on the next line; the mod_expires syntax treats the
# keyword as optional.
ExpiresByType image/svg+xml "access 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/ico "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 month"
# HTML is given a much shorter lifetime (600 seconds) than static assets.
ExpiresByType text/html "access plus 600 seconds"
</IfModule>
# END Expire headers
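# 1 Month for most static assets
# The dot before the extension list is escaped: unescaped, "." matches any
# character, so a name that merely ends in e.g. "js" or "css" without a real
# extension was also marked publicly cacheable for a month.
# The Header directive is guarded so that a server without mod_headers skips
# it instead of failing on the whole file.
<IfModule mod_headers.c>
<FilesMatch "\.(css|jpg|jpeg|png|gif|js|ico)$">
Header set Cache-Control "max-age=2592000, public"
</FilesMatch>
</IfModule>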
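# Cache lifetimes for fonts and SVG images.
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType font/ttf "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
</IfModule>
# "public" is now limited to the font and SVG files this block is about.
# Before, "Header set cache-control: public" sat at the top level of this
# block, so it applied to EVERY response: it replaced whatever Cache-Control
# the application had sent (for example no-store on a logged-in page) and
# marked dynamic, possibly user-specific pages as storable by shared caches.
# It was also guarded by the mod_expires test although it is a mod_headers
# directive.
# "merge" adds the token to an existing Cache-Control value instead of
# overwriting it.
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|woff|svg)$">
Header merge Cache-Control "public"
</FilesMatch>
</IfModule>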
# Compress font and SVG files, selected by file extension, when mod_deflate
# is loaded.
<IfModule mod_deflate.c>
<FilesMatch "\.(ttf|otf|eot|svg)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
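<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
# NOTE(review): text/html is compressed as well. When an HTTPS page contains a
# secret (such as an anti-CSRF token) together with data reflected from the
# request, compression is the precondition for BREACH-style side channels.
# Confirm the application mitigates this, or exclude such pages from
# compression.
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# The compression decision above depends on the User-Agent, so caches are told
# to key on it. Header is a mod_headers directive and was unguarded here; it is
# now wrapped so that a server with mod_deflate but without mod_headers does
# not fail on this file. "merge" adds the token only when it is not already in
# the Vary value.
<IfModule mod_headers.c>
Header merge Vary User-Agent
</IfModule>
</IfModule>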
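# Make sure proxies don't deliver the wrong content
# "merge" is used instead of "append": the mod_deflate block earlier in this
# file also adds User-Agent to Vary, and "append" would put the token in the
# header a second time. The env=!dont-vary condition skips the header for
# requests that have the dont-vary environment variable set.
<IfModule mod_headers.c>
Header merge Vary User-Agent env=!dont-vary
</IfModule>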
# Disable server signature start
# Removes the server version footer from server-generated pages (error pages,
# directory listings). The "Server" response header is not affected by this
# directive; it is controlled by ServerTokens, which can only be set in the
# main server configuration, not in .htaccess.
ServerSignature Off
# Disable server signature end