start

2025-12-21 01:11:30 +01:00
parent d3efe34ff4
commit a97f4f77ba
29 changed files with 986 additions and 622 deletions
--- a/public/..htaccess
+++ b/public/..htaccess
@@ -0,0 +1,32 @@
+# -------------------------------------------------
+# Apache Front Controller Setup (public/.htaccess)
+# -------------------------------------------------
+
+RewriteEngine On
+
+# Sicherheit: keine Directory Listings
+Options -Indexes
+
+# -------------------------------------------------
+# 1) Assets DIREKT ausliefern
+# -------------------------------------------------
+RewriteRule ^assets/ - [L]
+
+# -------------------------------------------------
+# 2) page/ von außen sperren (nur intern per require nutzbar)
+# -------------------------------------------------
+RewriteRule ^page/ - [F,L]
+
+# -------------------------------------------------
+# 3) Alles andere an den Front Controller
+# -------------------------------------------------
+RewriteRule ^ index.php [L]
+
+# -------------------------------------------------
+# 4) (Optional) Zusätzliche Sicherheits-Header
+# -------------------------------------------------
+<IfModule mod_headers.c>
+    Header set X-Frame-Options "SAMEORIGIN"
+    Header set X-Content-Type-Options "nosniff"
+    Header set Referrer-Policy "strict-origin-when-cross-origin"
+</IfModule>