<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    
    # Remove .php extension from URLs
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME}\.php -f
    RewriteRule ^([^\.]+)$ $1.php [NC, L]
    
    # Redirect non-www to www
    RewriteCond %{HTTP_HOST} ^yourdomain\.com [NC]
    RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R=301,L]
    
    # Force HTTPS
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    
    # Prevent direct access to includes
    RewriteRule ^includes/ - [F,L]
    RewriteRule ^config/ - [F,L]
    RewriteRule ^logs/ - [F,L]
    
    # Allow access to public folder
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
</IfModule>

<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/xml+rss
</IfModule>

<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpeg "access plus 30 days"
    ExpiresByType image/gif "access plus 30 days"
    ExpiresByType image/png "access plus 30 days"
    ExpiresByType text/css "access plus 7 days"
    ExpiresByType text/javascript "access plus 7 days"
    ExpiresByType application/javascript "access plus 7 days"
</IfModule>

# Prevent access to sensitive files
<FilesMatch "\.env|\.git|composer.json|package.json">
    Order allow,deny
    Deny from all
</FilesMatch>

# Allow uploads directory
<Directory "uploads/">
    Order allow,deny
    Allow from all
</Directory>

# Disable directory listing
Options -Indexes
