# Disable directory listing Options -Indexes # Force utf-8 charset AddDefaultCharset UTF-8 AddCharset UTF-8 .html .css .js .svg .woff .woff2 # Security ServerSignature Off # Protect .htaccess file Require all denied # Protect config.php Require all denied # Protect fusion_error_log.log Require all denied # Protect .cache files Order allow,deny deny from all Header set X-Content-Type-Options "nosniff" ErrorDocument 401 /error.php?code=401 ErrorDocument 403 /error.php?code=403 ErrorDocument 404 /error.php?code=404 Options +SymLinksIfOwnerMatch # Let PHP know mod_rewrite is enabled SetEnv MOD_REWRITE On RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}\.php -f RewriteRule ^(.*)$ $1.php RewriteBase / # Fix Apache internal dummy connections from breaking [(site_url)] cache RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC] RewriteRule .* - [F,L] # Exclude /administration and /themes directories and images from rewrite rules RewriteRule ^(administration|themes)/*$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteCond %{REQUEST_URI} !^/(administration|config|index.php) RewriteRule ^(.*?)$ index.php [L]