senorgeno/.htaccess

## .htaccess
### SILVERSTRIPE START ###

# Deny access to templates (but allow from localhost)
<Files *.ss>
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
</Files>

# Deny access to IIS configuration
<Files web.config>
    Order deny,allow
    Deny from all
</Files>

# Deny access to YAML configuration files which might include sensitive information
<Files ~ "\.ya?ml$">
    Order allow,deny
    Deny from all
</Files>

# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html

<IfModule mod_rewrite.c>

    # Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
    <IfModule mod_dir.c>
        DirectoryIndex disabled
        DirectorySlash On
    </IfModule>

    SetEnv HTTP_MOD_REWRITE On
    RewriteEngine On

    RewriteCond %{HTTP:X-Forwarded-Proto} =http
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    RewriteCond %{HTTP_HOST} ^www.monarchpursuits.com$ [NC]
    RewriteRule ^(.*)$ https://monarchpursuits.com/$1 [R=301,L]

    # Enable HTTP Basic authentication workaround for PHP running in CGI mode
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Deny access to potentially sensitive files and folders
    RewriteRule ^vendor(/|$) - [F,L,NC]
    RewriteRule ^\.env - [F,L,NC]
    RewriteRule silverstripe-cache(/|$) - [F,L,NC]
    RewriteRule composer\.(json|lock) - [F,L,NC]
    RewriteRule (error|silverstripe|debug)\.log - [F,L,NC]

    # Process through SilverStripe if no file with the requested name exists.
    # Pass through the original path as a query parameter, and retain the existing parameters.
    # Try finding framework in the vendor folder first
    RewriteCond %{REQUEST_URI} ^(.*)$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule .* index.php
</IfModule>
### SILVERSTRIPE END ###
	### SILVERSTRIPE START ###

	# Deny access to templates (but allow from localhost)
	<Files *.ss>
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	</Files>

	# Deny access to IIS configuration
	<Files web.config>
	Order deny,allow
	Deny from all
	</Files>

	# Deny access to YAML configuration files which might include sensitive information
	<Files ~ "\.ya?ml$">
	Order allow,deny
	Deny from all
	</Files>

	# Route errors to static pages automatically generated by SilverStripe
	ErrorDocument 404 /assets/error-404.html
	ErrorDocument 500 /assets/error-500.html

	<IfModule mod_rewrite.c>

	# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
	<IfModule mod_dir.c>
	DirectoryIndex disabled
	DirectorySlash On
	</IfModule>

	SetEnv HTTP_MOD_REWRITE On
	RewriteEngine On

	RewriteCond %{HTTP:X-Forwarded-Proto} =http
	RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

	RewriteCond %{HTTP_HOST} ^www.monarchpursuits.com$ [NC]
	RewriteRule ^(.*)$ https://monarchpursuits.com/$1 [R=301,L]

	# Enable HTTP Basic authentication workaround for PHP running in CGI mode
	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

	# Deny access to potentially sensitive files and folders
	RewriteRule ^vendor(/\|$) - [F,L,NC]
	RewriteRule ^\.env - [F,L,NC]
	RewriteRule silverstripe-cache(/\|$) - [F,L,NC]
	RewriteRule composer\.(json\|lock) - [F,L,NC]
	RewriteRule (error\|silverstripe\|debug)\.log - [F,L,NC]

	# Process through SilverStripe if no file with the requested name exists.
	# Pass through the original path as a query parameter, and retain the existing parameters.
	# Try finding framework in the vendor folder first
	RewriteCond %{REQUEST_URI} ^(.*)$
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteRule .* index.php
	</IfModule>
	### SILVERSTRIPE END ###