<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # Force HTTPS (redirect HTTP to HTTPS)
    RewriteCond %{HTTPS} !=on
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{HTTP_HOST} !^localhost [NC]
    RewriteCond %{HTTP_HOST} !^127\.0\.0\.1 [NC]
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    
    # Redirect to public folder
    RewriteCond %{REQUEST_URI} !^/public/
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ /public/$1 [L]
    
    # Redirect root to public/index.php
    RewriteCond %{REQUEST_URI} ^/$
    RewriteRule ^(.*)$ /public/index.php [L]
</IfModule>

# Security Headers
<IfModule mod_headers.c>
    # Upgrade insecure requests to HTTPS
    Header always set Content-Security-Policy "upgrade-insecure-requests"
    
    # Prevent mixed content by forcing HTTPS
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
</IfModule>

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “alt-php83” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-alt-php83 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
