<IfModule mod_rewrite.c>
    RewriteEngine On

    #Secure Cookies
    Header always edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure

    # Force SSL
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}/ [L,R=301]
     # Remove public folder form URL
    RewriteRule ^(.*)$ public/$1 [L]

    # Extra Security Headers
    Header set X-XSS-Protection "1; mode=block"
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options nosniff
    
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    
    # Disable server signature
    ServerSignature Off
    
    # Block access to specific files
    <FilesMatch "\.(env|json|config|lock|gitignore|gitattributes|log|htaccess|htpasswd|phar|sql|bak|env|sh|DS_Store)$">
        Order Allow,Deny
        Deny from all
    </FilesMatch>


</IfModule>

# Disable PHP version disclosure
<IfModule mod_headers.c>
    Header unset X-Powered-By
</IfModule>

# # Extra Security Headers
# <IfModule mod_headers.c>

# </IfModule>


#Disable index view
options -Indexes
#hide a Specifuc File
<Files .env>
    order allow,deny
    Deny from all
</Files>

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php81” package as the default “PHP” programming language.
<IfModule mime_module>
    AddHandler application/x-httpd-ea-php81 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
RewriteCond %{HTTP_HOST} ^retail\.veritaskapital\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.retail\.veritaskapital\.com$
RewriteRule ^/?$ "https\:\/\/retail\.veritaskapital\.com\/index" [R=302,L]

