HEX
Server: LiteSpeed
System: Linux server111.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64
User: lacammxy (848)
PHP: 7.4.33
Disabled: NONE
$ pwd: /home/lacammxy/public_html/videos/
Upload Files
File: /home/lacammxy/public_html/videos/.htaccess
# BroadcastEvent - Apache/LiteSpeed Configuration
# SEO-friendly URL routing with fallback support
# Compatible with Apache 2.2+, LiteSpeed, OpenLiteSpeed

# Enable Rewrite Engine
<IfModule mod_rewrite.c>
    RewriteEngine On

    # Dynamic RewriteBase - auto-detect from current directory
    RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
    RewriteRule ^(.*) - [E=BASE:%1]

    # Force HTTPS (uncomment in production)
    # RewriteCond %{HTTPS} off
    # RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # Remove trailing slash (except for directories)
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.+)/$ %{ENV:BASE}/$1 [L,R=301]

    # Handle existing files and directories directly
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]

    # Auth routes: /login, /register, /logout
    RewriteRule ^login/?$ index.php?mode=login [QSA,L]
    RewriteRule ^register/?$ index.php?mode=register [QSA,L]
    RewriteRule ^logout/?$ index.php?mode=logout [QSA,L]

    # Policy routes: /shipping, /return-policy
    RewriteRule ^shipping/?$ index.php?mode=shipping [QSA,L]
    RewriteRule ^return-policy/?$ index.php?mode=return-policy [QSA,L]
    RewriteRule ^privacy-policy/?$ index.php?mode=privacy-policy [QSA,L]
    RewriteRule ^terms-of-service/?$ index.php?mode=terms-of-service [QSA,L]
    RewriteRule ^cookie-policy/?$ index.php?mode=cookie-policy [QSA,L]

    # Info routes: /about, /faq, /contact
    RewriteRule ^about/?$ index.php?mode=about [QSA,L]
    RewriteRule ^faq/?$ index.php?mode=faq [QSA,L]
    RewriteRule ^contact/?$ index.php?mode=contact [QSA,L]

    # Update routes: /update/sitemap
    RewriteRule ^update/sitemap/?$ index.php?update=sitemap [QSA,L]

    # API routes
    RewriteRule ^api/broadcast/?$ index.php?api=broadcast [QSA,L]
    RewriteRule ^api/status/?$ index.php?api=status [QSA,L]

    # Skip rewriting for known static files
    RewriteRule \.(xml|txt|ico|png|jpg|jpeg|gif|webp|svg|css|js|woff|woff2|html|htm)$ - [L]

    # Direct slug route: /slug (single segment, supports Unicode/Thai characters)
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^([^/]+)/?$ index.php?view=$1 [QSA,L]
</IfModule>

# Deny access to sensitive files
<FilesMatch "\.(htaccess|htpasswd|ini|log|sh|sql|bak|config|env|json|txt)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
</FilesMatch>

# Allow access to specific files
<FilesMatch "^(sitemap\.xml|robots\.txt|favicon\.(ico|png)|[a-f0-9]{32}\.txt)$">
    <IfModule mod_authz_core.c>
        Require all granted
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Allow from all
    </IfModule>
</FilesMatch>

# Deny access to includes directory
<IfModule mod_rewrite.c>
    RewriteRule ^includes/ - [F,L]
    RewriteRule ^data/ - [F,L]
</IfModule>

# Security Headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
    Header set Referrer-Policy "strict-origin-when-cross-origin"
    Header unset Server
    Header unset X-Powered-By
</IfModule>

# Block bad referrers/referers (spam, malicious sites)
<IfModule mod_rewrite.c>
    RewriteCond %{HTTP_REFERER} ^https?://(.+\.)?(semalt|buttons-for-website|makemoneyonline|kambasoft|savetubevideo|screentoolkit|econom\.co|100dollars-seo|sitevaluation|buttons-for-your-website|videos-for-your-business|success-seo|get-free-traffic-now|free-share-buttons|social-buttons|free-social-buttons)\. [NC,OR]
    RewriteCond %{HTTP_REFERER} ^https?://(.+\.)?(4webmasters|webmasters|dailyrank|rightrelevance|co\.lumb\.co|floating-share-buttons|best-seo-offer|best-seo-solution|buy-cheap-online|seo-platform|semaltmedia|ranksonic)\. [NC]
    RewriteRule .* - [F,L]
</IfModule>

# Block empty/suspicious referrers on form submissions (optional - uncomment if needed)
# <IfModule mod_rewrite.c>
#     RewriteCond %{REQUEST_METHOD} POST
#     RewriteCond %{HTTP_REFERER} ^$
#     RewriteRule .* - [F,L]
# </IfModule>

# GZIP Compression
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/css
    AddOutputFilterByType DEFLATE text/javascript application/javascript application/json
    AddOutputFilterByType DEFLATE application/xml text/xml image/svg+xml
</IfModule>

# Cache Control
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/html "access plus 0 seconds"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType font/woff "access plus 1 year"
</IfModule>

# Prevent directory listing
Options -Indexes

# Set default charset
AddDefaultCharset UTF-8
@ Telegram