# ============================================================================
# ParalinkPOS — Admin Panel Apache Configuration
# ============================================================================

# ----------------------------------------------------------------------------
# Rewrite Engine
# ----------------------------------------------------------------------------
RewriteEngine On

# ----------------------------------------------------------------------------
# HTTPS Zorunluluğu
# ----------------------------------------------------------------------------
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# ----------------------------------------------------------------------------
# Hassas dosyalara doğrudan erişim engelleme
# ----------------------------------------------------------------------------
<FilesMatch "^(config|functions)\.php$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
</FilesMatch>

# .htaccess dosyasına erişimi engelle
<Files ".htaccess">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
    
    # ----------------------------------------------------------------------------
    # Installer Erişim Kontrolü (Kurulum sonrası ekleyin)
    # ----------------------------------------------------------------------------
    # Kurulum tamamlandıktan sonra aşağıdaki satırları aktif edin:
    # <Files "install.php">
    #     <IfModule mod_authz_core.c>
    #         Require all denied
    #     </IfModule>
    #     <IfModule !mod_authz_core.c>
    #         Order Allow,Deny
    #         Deny from all
    #     </IfModule>
    # </Files>
</Files>

# ----------------------------------------------------------------------------
# Dizin Listelemeyi Kapat
# ----------------------------------------------------------------------------
Options -Indexes

# ----------------------------------------------------------------------------
# PHP Üretim Ayarları
# ----------------------------------------------------------------------------
php_flag display_errors Off
php_flag log_errors On

# ----------------------------------------------------------------------------
# Güvenlik Header'ları
# ----------------------------------------------------------------------------
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "DENY"
    Header set X-XSS-Protection "1; mode=block"
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
