Header always set X-Content-Type-Options "nosniff" Header always set X-XSS-Protection "1; mode=block" Header always set X-Frame-Options "deny" # Belső hálózat - cache OK Header set Cache-Control "private, max-age=3600" ExpiresActive On ExpiresDefault "access plus 1 hour" RewriteEngine on # HTTPS erőltetés (opcionális belső hálózaton) # RewriteCond %{HTTPS} off # RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # PHP rewrite RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}.php -f RewriteRule ^(.*)$ $1.php [L] DirectoryIndex index.html index.php # CSAK külső hotlink ellen (JSON/PHP kivéve) RewriteCond %{REQUEST_URI} !\.(php|json)$ RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https?://szaturnusz\.szatuna\.hu [NC] RewriteRule \.(jpg|jpeg|png|gif|css)$ - [NC,F,L] # CSAK VALÓDI hibákra ErrorDocument ErrorDocument 400 /error.php ErrorDocument 401 /error.php ErrorDocument 403 /error.php ErrorDocument 404 /error.php ErrorDocument 500 /error.php ErrorDocument 502 /error.php ErrorDocument 503 /error.php IndexIgnore *.png *.jpg *.jpeg *.json