# ==============================================================================
# | COMPREHENSIVE .htaccess FILE                                               |
# ==============================================================================
# +-----------------------------------------------------------------------------
# | URL Rewriting & SEO Canonicalization
# +-----------------------------------------------------------------------------
# Turn on the URL rewriting engine
RewriteEngine On
# Force all traffic to use a secure HTTPS connection
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Redirect www version to non-www version (e.g., www.genowa.co.ke -> genowa.co.ke)
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]
# Remove .php file extension from URLs
# 1. Redirect requests for file.php to /file
# MODIFIED: Exclude specific directories and handler files from this rule.
RewriteCond %{REQUEST_URI} !^/api/
RewriteCond %{REQUEST_URI} !^/admin/
RewriteCond %{REQUEST_URI} !^/includes/
RewriteCond %{REQUEST_URI} !^/blogger/ [NC] # <-- ADDED: Exclude blogger folder
RewriteCond %{REQUEST_URI} !/whatsapp_handler\.php$ [NC]
RewriteCond %{REQUEST_URI} !/bot_core_logic\.php$ [NC]
RewriteCond %{REQUEST_URI} !/chat_handler\.php$ [NC]
RewriteCond %{REQUEST_URI} !/chatbot\.php$ [NC]
RewriteCond %{REQUEST_URI} !/functions\.php$ [NC]
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1 [R=301,L]
# 2. Internally rewrite /file back to file.php
RewriteCond %{REQUEST_URI} !^/admin/
RewriteCond %{REQUEST_URI} !^/blogger/ [NC] # <-- ADDED: Exclude blogger folder
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*)/?$ $1.php [L]
# Custom rule for news articles (your original rule)
# Rewrites news/my-slug to article.php?slug=my-slug
RewriteRule ^news/([a-zA-Z0-9-]+)$ article.php?slug=$1 [L]
# +-----------------------------------------------------------------------------
# | Security Enhancements
# +-----------------------------------------------------------------------------
# Prevent people from Browse directories that don't have an index file
Options -Indexes
# Block access to sensitive files and directories
# This covers your request for db_connect.php, error_log, ini files, etc.
<FilesMatch "\.(htaccess|htpasswd|ini|log|sh|inc|sql|conf|env|bak|db_connect\.php)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>
# Add security headers to protect against common attacks
<IfModule mod_headers.c>
    # Prevent Clickjacking
    Header set X-Frame-Options "SAMEORIGIN"
    # Prevent Content Sniffing
    Header set X-Content-Type-Options "nosniff"
    # Enable XSS protection in older browsers
    Header set X-XSS-Protection "1; mode=block"
</IfModule>
# +-----------------------------------------------------------------------------
# | Performance Optimization
# +-----------------------------------------------------------------------------
# Enable GZIP compression for faster loading of text-based assets
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript
    AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript application/x-javascript application/json
</IfModule>
# Leverage browser caching for static assets to reduce server load
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault                  "access plus 1 month"
    ExpiresByType text/css            "access plus 1 year"
    ExpiresByType application/javascript  "access plus 1 year"
    ExpiresByType application/x-javascript "access plus 1 year"
    ExpiresByType image/jpeg          "access plus 1 month"
    ExpiresByType image/png           "access plus 1 month"
    ExpiresByType image/gif           "access plus 1 month"
    ExpiresByType image/svg+xml       "access plus 1 month"
    ExpiresByType image/x-icon        "access plus 1 month"
    ExpiresByType application/pdf     "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
</IfModule>
