update

2025-12-21 01:21:53 +01:00
parent a97f4f77ba
commit 4b20dbd472
4 changed files with 22 additions and 5 deletions
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -0,0 +1,32 @@
+# -------------------------------------------------
+# Apache Front Controller Setup (public/.htaccess)
+# -------------------------------------------------
+
+RewriteEngine On
+
+# Sicherheit: keine Directory Listings
+Options -Indexes
+
+# -------------------------------------------------
+# 1) Assets DIREKT ausliefern
+# -------------------------------------------------
+RewriteRule ^assets/ - [L]
+
+# -------------------------------------------------
+# 2) page/ von außen sperren (nur intern per require nutzbar)
+# -------------------------------------------------
+RewriteRule ^page/ - [F,L]
+
+# -------------------------------------------------
+# 3) Alles andere an den Front Controller
+# -------------------------------------------------
+RewriteRule ^ index.php [L]
+
+# -------------------------------------------------
+# 4) (Optional) Zusätzliche Sicherheits-Header
+# -------------------------------------------------
+<IfModule mod_headers.c>
+    Header set X-Frame-Options "SAMEORIGIN"
+    Header set X-Content-Type-Options "nosniff"
+    Header set Referrer-Policy "strict-origin-when-cross-origin"
+</IfModule>