# Aegean Dominance - URL Rewriting & SEO
# İzmir Tenteci V2

RewriteEngine On
RewriteBase /v2/public/

# Force HTTPS (uncomment for production)
# RewriteCond %{HTTPS} off
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Remove www (uncomment for production)
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]

# Prevent directory listing
Options -Indexes

# Security headers
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
</IfModule>

# GZIP Compression
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
    AddOutputFilterByType DEFLATE application/javascript application/json
    AddOutputFilterByType DEFLATE image/svg+xml application/xml
</IfModule>

# Browser Caching
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault "access plus 1 month"
    ExpiresByType text/html "access plus 0 seconds"
    ExpiresByType text/css "access plus 1 year"
    ExpiresByType application/javascript "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType application/xml "access plus 0 seconds"
</IfModule>

# =====================================================
# SEO-FRIENDLY URL REWRITES
# =====================================================

# Sitemap.xml -> sitemap.php
RewriteRule ^sitemap\.xml$ sitemap.php [L]

# Robots.txt pass-through
RewriteRule ^robots\.txt$ robots.txt [L]

# Static assets - don't rewrite
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule \.(css|js|png|jpg|jpeg|gif|webp|svg|ico|woff|woff2)$ - [L]

# Don't rewrite existing files and directories
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# SEF URL Rewriting - all routes go to index.php
RewriteRule ^(.*)$ index.php [QSA,L]

# =====================================================
# SECURITY
# =====================================================

# Block access to sensitive files
<FilesMatch "\.(sql|env|log|bak|config)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Block access to PHP files in certain directories
<FilesMatch "^(config|database)\.php$">
    Order allow,deny
    Deny from all
</FilesMatch>
