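# Directory listings off: a request for a directory that has no index file is
# refused instead of being answered with an auto-generated file listing.
# This only takes effect where the server configuration permits overriding
# Options from .htaccess.
Options -Indexes

# Block direct HTTP access to PHP config and internal files.
# FilesMatch tests the base name of the file, so the rule covers these names in
# this directory and in every subdirectory below it. "Require all denied" is
# Apache 2.4 (mod_authz_core) syntax.
# NOTE(review): only these three names are covered. Any other non-public file
# kept under the web root (backups, dumps, dotfiles) needs its own entry;
# confirm against the deployed tree.
<FilesMatch "^(config\.php|db\.php|schema\.sql)$">
    Require all denied
</FilesMatch>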
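RewriteEngine On
RewriteBase /

# API routing: map the extensionless endpoints onto their PHP handlers.
#
# A RewriteCond binds only to the single RewriteRule that directly follows it.
# With one rule per endpoint, the "skip if the file physically exists" test
# guarded only the first route. The routes are therefore written as one
# allow-list rule, so both conditions apply to every endpoint.
#
# Only the names listed in the alternation are routed; any other /api/<name>
# path falls through unrewritten.
#
# NOTE(review): this is routing, not access control. The api/*.php scripts are
# still reachable under their real file names, so authentication and
# authorization have to be enforced inside each handler.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^api/(auth|streamers|live|comments|oauth|settings|moderators|rater_groups|community_ratings)/?$ api/$1.php [QSA,L]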
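# Security headers
# If mod_headers is not loaded, this whole section is skipped silently and none
# of the headers below is sent. Verify the response headers after deployment.
<IfModule mod_headers.c>
    # Stop browsers from MIME-sniffing a response away from its declared type.
    Header always set X-Content-Type-Options "nosniff"

    # Framing (clickjacking) policy: only this origin and the two listed sites
    # may embed these pages.
    #
    # The X-Frame-Options "ALLOW-FROM <origin> <origin>" header that used to sit
    # here has been dropped. ALLOW-FROM is obsolete, accepted a single origin
    # only, and is ignored by current browsers, so it enforced nothing and
    # suggested a second layer of protection that did not exist.
    # frame-ancestors is the control that is actually applied, and it takes
    # precedence over X-Frame-Options when both are present.
    #
    # NOTE(review): this CSP restricts framing only. It sets no script, style
    # or default-src restrictions.
    Header always set Content-Security-Policy "frame-ancestors 'self' https://nb.garoshi.eu https://naughtybulldogs.eu"

    # Send the full URL as referrer on same-origin requests, but only the
    # origin on cross-origin ones (and nothing on an HTTPS -> HTTP downgrade).
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>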