# Kibcloud - URL Rewriting
# Enables clean URLs without .php extension

RewriteEngine On

# Set the base directory
RewriteBase /kibcloud/

# Don't rewrite if the file or directory exists
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Rewrite URLs without .php extension to include it
RewriteRule ^([^/]+)/?$ $1.php [L,QSA]

# Handle subdirectories (admin, client, api)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(admin|client|api)/([^/]+)/?$ $1/$2.php [L,QSA]

# Security Headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
</IfModule>

# Disable directory browsing
Options -Indexes

# Protect sensitive files
<FilesMatch "^\.">
    Order allow,deny
    Deny from all
</FilesMatch>

<FilesMatch "\.(sql|log|ini|sh)$">
    Order allow,deny
    Deny from all
</FilesMatch>
