# Turn off auto-generated directory listings, server-side includes and CGI
# execution for this directory tree. These only take effect if the server's
# AllowOverride setting permits Options in .htaccess.
Options -Indexes -Includes -ExecCGI
# Suppress the footer line the server adds to its own error pages and listings.
ServerSignature Off
# ── Your PHP handler (keep this, it runs your site) ──────────
# Files whose name ends in one of the listed extensions are handed to the
# lsphp73 handler. The pattern is anchored with $, so only the final extension
# is considered (a name such as "x.php.jpg" is not matched by this rule).
# NOTE(review): the handler name suggests PHP 7.3, which no longer receives
# upstream security fixes — confirm the host backports patches or move to a
# supported PHP version.
# NOTE(review): if the site accepts uploads, confirm the upload directory has
# its own rule that prevents these extensions from being executed there.
<FilesMatch "\.(php4|php5|php3|php2|php|phtml)$">
SetHandler application/x-lsphp73
</FilesMatch>
# ── Block sensitive files (NOT php — that's handled above) ───
# Denies every client access to files whose NAME ends in one of these suffixes.
# This is a file-name match only: it covers ".env" or "dump.sql", but not the
# files inside a ".git/" directory (those are rejected by the REQUEST_URI
# rewrite rule further down). Editor and backup leftovers with other suffixes
# (for example ".old", ".orig", ".swp") are not in this list.
# NOTE(review): Order/Deny is Apache 2.2 syntax. On Apache 2.4 it needs
# mod_access_compat; the native 2.4 form is "Require all denied". Confirm
# which one your server supports before switching.
<FilesMatch "\.(env|log|sql|bak|sh|htpasswd|lock|ini|git)$">
Order allow,deny
Deny from all
</FilesMatch>
# ── Protect .htaccess itself ──────────────────────────────────
# Refuses HTTP access to this file so its rules cannot be read by clients.
# With "Order allow,deny" and no Allow line, "Deny from all" rejects every
# request for the file.
# NOTE(review): same Apache 2.2 access-control syntax as the block above;
# the 2.4 equivalent is "Require all denied" — confirm server support.
<Files ".htaccess">
Order allow,deny
Deny from all
</Files>
# Enable mod_rewrite for this directory; every RewriteCond/RewriteRule below
# depends on it.
RewriteEngine On
# ── Force HTTPS (put this first in rewrites) ──────────────────
# Any request that arrived without TLS is answered with a permanent (301)
# redirect to the same host and path over https. [L] stops rule processing,
# so the blocking rules below are only evaluated on the HTTPS request.
# NOTE(review): %{HTTP_HOST} is taken from the client's Host header. If this
# vhost also answers for unknown host names, the redirect target reflects
# whatever the client sent; consider a fixed canonical host name instead.
# NOTE(review): behind a TLS-terminating proxy or CDN, %{HTTPS} may always be
# "off" and this rule would loop — confirm how TLS reaches this server.
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
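# ── Block path traversal ──────────────────────────────────────
# Rejects (403) requests whose query string contains a parent-directory
# sequence, a CR/LF or a NUL byte. %{QUERY_STRING} is matched in its raw,
# still-encoded form, so the dot and the separator are each accepted either
# literally or percent-encoded, in any combination, and the separator may be
# a forward slash or a backslash. [NC] makes the hex digits case-insensitive.
# Scope: this inspects the query string only — not the URL path, request body,
# cookies or headers — so it is a noise filter in front of the application's
# own input validation, not a replacement for it.
# Side effect: %0d/%0a also rejects legitimate multi-line values sent in GET
# parameters.
RewriteCond %{QUERY_STRING} ((\.|%2e)(\.|%2e)(/|\\|%2f|%5c)|%0d|%0a|%00) [NC]
RewriteRule ^ - [F,L]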
# ── Block bad bots ────────────────────────────────────────────
# Returns 403 when the User-Agent header contains one of these scanner names
# (case-insensitive substring match).
# The User-Agent is chosen by the client, so this only filters tools running
# with their default identification. Treat it as log-noise reduction; it is
# not an access control and should not replace patching or rate limiting.
RewriteCond %{HTTP_USER_AGENT} (sqlmap|nikto|nmap|masscan|zgrab) [NC]
RewriteRule ^ - [F,L]
# ── Block exploit probes ──────────────────────────────────────
# Returns 403 for any URL path that contains one of these strings anywhere
# (unanchored, case-insensitive). This also covers the contents of .git/ and
# .svn/ directories, which the file-suffix rule above does not.
# Because the match is unanchored, a legitimate URL that merely contains one
# of these words (for example an article slug) is blocked too.
# NOTE(review): do not deploy this rule unchanged on a site that actually
# runs WordPress or phpMyAdmin — it would block their own login pages.
RewriteCond %{REQUEST_URI} (wp-admin|wp-login|phpmyadmin|\.git|\.svn) [NC]
RewriteRule ^ - [F,L]
# ── Block TRACE/TRACK ─────────────────────────────────────────
# Returns 403 when the request method starts with TRACE or TRACK. The match is
# case-sensitive and anchored at the start only.
# NOTE(review): on Apache httpd, TRACE is normally switched off with
# "TraceEnable Off" in the server or vhost config (that directive is not
# allowed in .htaccess). Send a test TRACE request to confirm this rule is
# what answers, and set TraceEnable at server level where you can.
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule ^ - [F,L]
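# ── Security headers ──────────────────────────────────────────
# Applied only when mod_headers is loaded. "always" adds the header to error
# responses (4xx/5xx) as well as successful ones.
<IfModule mod_headers.c>
# Stop browsers from MIME-sniffing a response away from its declared type.
Header always set X-Content-Type-Options "nosniff"
# Clickjacking protection for older browsers; the CSP frame-ancestors
# directive below is the current equivalent.
Header always set X-Frame-Options "SAMEORIGIN"
# The legacy XSS auditor has been removed from current browsers, and in old
# ones "1; mode=block" could itself be abused. Disable it explicitly and rely
# on the Content-Security-Policy below.
Header always set X-XSS-Protection "0"
# Send the full URL as referrer on same-origin requests, only the origin on
# cross-origin ones.
Header always set Referrer-Policy "strict-origin-when-cross-origin"
# Deny this site and any embedded frames access to these device features.
Header always set Permissions-Policy "geolocation=(), camera=(), microphone=()"
# base-uri and frame-ancestors do not inherit from default-src, so they are
# listed explicitly. 'unsafe-inline' for styles still allows injected inline
# CSS; remove it once the site no longer uses inline styles.
# NOTE(review): consider adding object-src 'none' and form-action 'self'
# after checking the site does not embed plugins or post forms to other origins.
Header always set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; base-uri 'self'; frame-ancestors 'self';"
# HTTPS is forced by the rewrite rules in this file, but without HSTS the first
# request can still be plain HTTP. Enable the next line only once every
# host name served here works over HTTPS; browsers remember it for max-age.
# Header always set Strict-Transport-Security "max-age=31536000"
# NOTE(review): on stock Apache httpd the Server header is added after
# mod_headers runs, so this line generally has no effect there; use
# "ServerTokens Prod" in the server config to trim it. Behaviour on other
# servers may differ — check the actual response.
Header unset Server
# Remove the PHP version banner from both successful and error responses.
# Setting expose_php = Off in php.ini stops it at the source.
Header unset X-Powered-By
Header always unset X-Powered-By
</IfModule>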
# ── Upload size limit ─────────────────────────────────────────
# Reject request bodies larger than 5242880 bytes (5 MiB). This applies to
# every request body in this directory tree, not only file uploads.
# PHP enforces its own limits separately (upload_max_filesize and
# post_max_size); the smallest of the three is the effective cap.
LimitRequestBody 5242880
# ── Browser caching ───────────────────────────────────────────
# Applied only when mod_expires is loaded. Sets cache lifetimes, counted from
# the time of the request, for three static content types: JPEG images for
# one month, CSS and JavaScript for one week. Other types get no lifetime
# from this block.
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType text/css "access plus 1 week"
ExpiresByType application/javascript "access plus 1 week"
</IfModule>