# -----------------------------------------
# 🔒 Security & Basic Hardening
# -----------------------------------------
Options -Indexes
ServerSignature Off

# Block access to hidden files
<Files ~ "^\.">
    Order allow,deny
    Deny from all
</Files>

# Protect htaccess
<Files .htaccess>
    Order Allow,Deny
    Deny from all
</Files>

# -----------------------------------------
# 🌐 Force HTTPS
# -----------------------------------------
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

# -----------------------------------------
# 🎯 Remove .html extension (SEO Friendly URLs)
# -----------------------------------------
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.html -f
RewriteRule ^([^/]+)/?$ $1.html [L]

# -----------------------------------------
# ⚡ Caching for performance (speed boost)
# -----------------------------------------
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault "access plus 1 week"

    # Images
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"

    # Fonts
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType font/woff "access plus 1 year"

    # CSS & JS
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"

    # HTML
    ExpiresByType text/html "access plus 2 hours"
</IfModule>

# -----------------------------------------
# 🗜️ Gzip Compression (Boost speed + SEO)
# -----------------------------------------
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/json
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE image/svg+xml
</IfModule>

# -----------------------------------------
# 🛡️ XSS & Clickjacking Protection
# -----------------------------------------
Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options "nosniff"

# -----------------------------------------
# 📌 Redirect www to non-www (or العكس اختار)
# (ده يغيّر www.domain.com → domain.com)
# -----------------------------------------
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

# -----------------------------------------
# 🔍 SEO: Canonical Enforcement لمنع المحتوى المكرر
# -----------------------------------------
RewriteCond %{THE_REQUEST} " \/[A-Z0-9_\-]+\/index\.html" [NC]
RewriteRule ^(.*)index\.html$ /$1 [R=301,L]

# php -- BEGIN cPanel-generated handler, do not edit
# This domain inherits the “PHP” package.
# php -- END cPanel-generated handler, do not edit
