57 lines
2.4 KiB
ApacheConf
57 lines
2.4 KiB
ApacheConf
# .htaccess principal — ProyectoGestion
|
|
# Seguridad, URL clean y redirects
|
|
|
|
Options -Indexes
|
|
ServerSignature Off
|
|
|
|
# ── Caché de assets estáticos ────────────────────────────────────────────────
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresByType text/css "access plus 1 month"
|
|
ExpiresByType application/javascript "access plus 1 month"
|
|
ExpiresByType image/png "access plus 1 year"
|
|
ExpiresByType image/jpeg "access plus 1 year"
|
|
ExpiresByType image/gif "access plus 1 year"
|
|
ExpiresByType image/svg+xml "access plus 1 year"
|
|
ExpiresByType font/woff2 "access plus 1 year"
|
|
</IfModule>
|
|
|
|
# ── Cabeceras de seguridad ────────────────────────────────────────────────────
|
|
<IfModule mod_headers.c>
|
|
Header set X-Content-Type-Options "nosniff"
|
|
Header set X-Frame-Options "SAMEORIGIN"
|
|
Header set X-XSS-Protection "1; mode=block"
|
|
Header set Referrer-Policy "strict-origin-when-cross-origin"
|
|
Header set Permissions-Policy "geolocation=(), microphone=(), camera=()"
|
|
</IfModule>
|
|
|
|
# ── Proteger archivos sensibles ───────────────────────────────────────────────
|
|
<FilesMatch "(\.env|\.env\.example|composer\.json|composer\.lock)$">
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
<FilesMatch "^(config|cron|lib|database|exports)">
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# ── GZIP compression ─────────────────────────────────────────────────────────
|
|
<IfModule mod_deflate.c>
|
|
AddOutputFilterByType DEFLATE text/html text/css application/javascript application/json
|
|
</IfModule>
|
|
|
|
# ── Reescritura de URL (si se quiere URL limpia) ─────────────────────────────
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine On
|
|
RewriteBase /ProyectoGestion/
|
|
|
|
# Redirigir /ProyectoGestion/ → /ProyectoGestion/index.php
|
|
RewriteRule ^$ index.php [L]
|
|
|
|
# No reescribir archivos/directorios que existen
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^(.*)$ index.php?url=$1 [L,QSA]
|
|
</IfModule>
|