# .htaccess principal — ProyectoGestion # Seguridad, URL clean y redirects Options -Indexes ServerSignature Off # ── Caché de assets estáticos ──────────────────────────────────────────────── ExpiresActive On ExpiresByType text/css "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType image/png "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType font/woff2 "access plus 1 year" # ── Cabeceras de seguridad ──────────────────────────────────────────────────── Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" Header set X-XSS-Protection "1; mode=block" Header set Referrer-Policy "strict-origin-when-cross-origin" Header set Permissions-Policy "geolocation=(), microphone=(), camera=()" # ── Proteger archivos sensibles ─────────────────────────────────────────────── Order Deny,Allow Deny from all Order Deny,Allow Deny from all # ── GZIP compression ───────────────────────────────────────────────────────── AddOutputFilterByType DEFLATE text/html text/css application/javascript application/json # ── Reescritura de URL (si se quiere URL limpia) ───────────────────────────── RewriteEngine On RewriteBase /ProyectoGestion/ # Redirigir /ProyectoGestion/ → /ProyectoGestion/index.php RewriteRule ^$ index.php [L] # No reescribir archivos/directorios que existen RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?url=$1 [L,QSA]