# UTECH SMS Gateway - Apache Configuration
# Security and performance settings

# Enable rewrite engine
<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # Force HTTPS (uncomment in production)
    # While the two lines below stay commented out, nothing in this file
    # redirects plain-HTTP requests, so requests to receive_sms.php and
    # dashboard.php can be served without transport encryption.
    # NOTE(review): the redirect target is built from %{HTTP_HOST}, which comes
    # from the client-supplied Host header; consider a fixed canonical host
    # name when enabling this.
    # RewriteCond %{HTTPS} off
    # RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

# Prevent directory listing
# Turns off automatically generated listings for directories that have no index
# file, so file names in them cannot be enumerated by browsing.
# NOTE(review): if this file is deployed as .htaccess, the server configuration
# must permit the directive through AllowOverride (Options or All); otherwise
# requests to this directory fail with a server error.
Options -Indexes

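# Protect config files
# Refuse direct HTTP requests for config.php and db_connect.php. Only access
# over HTTP is blocked; scripts that include these files from disk are not
# affected.
<FilesMatch "^(config\.php|db_connect\.php)$">
    # Apache 2.4+: native authorization syntax.
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2: legacy syntax. On 2.4 these directives exist only when
    # mod_access_compat is loaded, so they are kept as a fallback only.
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>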

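# Protect log files
# Refuse direct HTTP requests for any file ending in .log or .txt. This covers
# logs/php_errors.log, which the PHP settings in this file write below this
# directory.
# NOTE(review): the pattern is anchored on the final extension, so rotated or
# compressed logs (for example names ending in .log.1 or .log.gz) are not
# matched; keeping logs outside the document root avoids relying on this rule.
# It also blocks every other .txt file in this tree.
<FilesMatch "\.(log|txt)$">
    # Apache 2.4+: native authorization syntax.
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2: legacy syntax. On 2.4 these directives exist only when
    # mod_access_compat is loaded, so they are kept as a fallback only.
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>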

# Explicitly allow the two public entry points
# NOTE(review): this is not an allowlist. Nothing in this file denies access by
# default, so every file that is not matched by one of the deny blocks above
# stays reachable; this block only restates the default for receive_sms.php
# and dashboard.php.
# "Allow from all" places no host-based restriction on dashboard.php, so any
# access control for it has to come from the application itself or from
# authentication configured elsewhere.
# Order/Allow are Apache 2.2 directives; on 2.4 they require mod_access_compat.
<FilesMatch "^(receive_sms|dashboard)\.php$">
    Order allow,deny
    Allow from all
</FilesMatch>

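# Set proper MIME types
<IfModule mod_mime.c>
    AddType application/json .json
    # .php is deliberately not listed here. PHP sets the Content-Type of its
    # own output, and on servers that enable PHP through an AddType mapping,
    # overriding .php to text/html would make Apache send the script source as
    # a static page instead of executing it.
    AddType text/html .html .htm
</IfModule>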

# Compress JSON, HTML, CSS and JavaScript responses (mod_deflate)
<IfModule mod_deflate.c>
    # One directive listing every media type that passes through DEFLATE.
    # NOTE(review): compressing TLS responses that mix secrets with text taken
    # from the request is the precondition for BREACH-style length side
    # channels; confirm whether dashboard.php output fits that description.
    AddOutputFilterByType DEFLATE application/json text/html text/css application/javascript
</IfModule>

# Expiry for HTML and JSON responses (mod_expires)
# Both types expire at the moment of access, so caches treat these responses
# as stale immediately. No static asset types are configured here.
# NOTE(review): an expiry of zero does not forbid a cache from storing a copy;
# pages that display message content may warrant Cache-Control: no-store, set
# by the application or through mod_headers.
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/html "access plus 0 seconds"
    ExpiresByType application/json "access plus 0 seconds"
</IfModule>

# Security headers
# Applied to every response served from this directory when mod_headers is
# loaded; if the module is missing, none of these headers are sent.
<IfModule mod_headers.c>
    # Prevent clickjacking
    # Only pages on the same origin may frame these responses.
    Header always set X-Frame-Options "SAMEORIGIN"
    
    # Prevent MIME type sniffing
    Header always set X-Content-Type-Options "nosniff"
    
    # XSS Protection
    # NOTE(review): legacy header. Current browsers no longer implement the
    # filter it controls, and present-day guidance is to send "0" or omit it
    # and rely on output encoding plus a Content-Security-Policy instead.
    Header always set X-XSS-Protection "1; mode=block"
    
    # Remove server information
    # NOTE(review): mod_headers usually cannot remove the Server header, which
    # Apache adds itself; the supported control is ServerTokens in the main
    # server configuration. X-Powered-By is emitted by PHP and is normally
    # disabled at the source with expose_php = Off in php.ini.
    Header unset Server
    Header unset X-Powered-By
    
    # CORS headers (adjust as needed)
    # NOTE(review): the wildcard origin is attached to every response covered
    # by this file, dashboard.php included, so a script on any website can read
    # responses that do not depend on cookies. Restrict it to the origins that
    # actually call this application, or drop these headers if receive_sms.php
    # is only called by non-browser clients.
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
    Header always set Access-Control-Allow-Headers "Content-Type"
</IfModule>

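# PHP security settings
# php_flag/php_value only take effect when PHP runs as an Apache module, and
# the module name tested by <IfModule> differs per PHP major version:
# mod_php7.c for PHP 7, mod_php.c for PHP 8. Both are listed so the settings
# are not skipped silently after a PHP upgrade.
# Under PHP-FPM or CGI neither block applies; set the same values in php.ini
# or .user.ini there.
# NOTE(review): error_log is a relative path, resolved against the working
# directory of the PHP process rather than this directory; an absolute path
# outside the document root is more predictable and keeps the log unreachable
# over HTTP.
<IfModule mod_php7.c>
    # Keep error details out of responses and send them to the log instead.
    php_flag display_errors Off
    php_flag log_errors On
    php_value error_log logs/php_errors.log
    # Request size and time ceilings.
    php_value upload_max_filesize 2M
    php_value post_max_size 2M
    php_value max_execution_time 30
    php_value max_input_time 30
</IfModule>
<IfModule mod_php.c>
    # Same settings for PHP 8.
    php_flag display_errors Off
    php_flag log_errors On
    php_value error_log logs/php_errors.log
    php_value upload_max_filesize 2M
    php_value post_max_size 2M
    php_value max_execution_time 30
    php_value max_input_time 30
</IfModule>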

# Limit request size
# 2097152 bytes = 2 MiB, the same ceiling as post_max_size and
# upload_max_filesize (2M) in the PHP settings above. Apache refuses larger
# request bodies itself, and this limit applies even when the PHP settings do
# not.
LimitRequestBody 2097152

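# Bandwidth throttling (requires mod_ratelimit)
# Note: the rate-limit value is a transfer speed in KiB/s applied to each
# response. It does not cap how many requests a client may send, so it is not
# a defence against request floods or repeated login attempts.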
# <IfModule mod_ratelimit.c>
#     SetOutputFilter RATE_LIMIT
#     SetEnv rate-limit 400
# </IfModule>

