68 lines
1.8 KiB
ApacheConf
68 lines
1.8 KiB
ApacheConf
# XC IPTV API - Apache Configuration
|
|
|
|
# CORS (Cross-Origin Resource Sharing)
|
|
<IfModule mod_headers.c>
|
|
Header set Access-Control-Allow-Origin "*"
|
|
Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
|
|
Header set Access-Control-Allow-Headers "Content-Type, Authorization"
|
|
</IfModule>
|
|
|
|
# GZIP Compression
|
|
<IfModule mod_deflate.c>
|
|
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
|
|
</IfModule>
|
|
|
|
# Cache Control
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresByType application/json "access plus 5 minutes"
|
|
</IfModule>
|
|
|
|
# Security Headers
|
|
<IfModule mod_headers.c>
|
|
Header set X-Content-Type-Options "nosniff"
|
|
Header set X-Frame-Options "DENY"
|
|
Header set X-XSS-Protection "1; mode=block"
|
|
</IfModule>
|
|
|
|
# Disable Directory Listing
|
|
Options -Indexes
|
|
|
|
# Protect Config and Sensitive Files
|
|
<FilesMatch "^(config\.php|rate_limit\.json|.*\.log|.*\.md)$">
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# Protect Tokens Directory
|
|
<IfModule mod_rewrite.c>
|
|
RewriteRule ^tokens/ - [F,L]
|
|
</IfModule>
|
|
|
|
# Error Pages
|
|
ErrorDocument 404 /404.html
|
|
ErrorDocument 500 /500.html
|
|
|
|
# Rewrite Rules (opsiyonel - SEF URLs için)
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine On
|
|
RewriteBase /
|
|
|
|
# API endpoint'i temizle
|
|
# /api/v1 yerine /api
|
|
RewriteRule ^api/?$ api_secured.php [L]
|
|
|
|
# Maintenance check
|
|
RewriteCond %{REQUEST_URI} !maintenance.html
|
|
RewriteCond %{DOCUMENT_ROOT}/maintenance.flag -f
|
|
RewriteRule .* /maintenance.html [R=503,L]
|
|
</IfModule>
|
|
|
|
# PHP Settings (eğer izin veriliyorsa)
|
|
<IfModule mod_php.c>
|
|
php_value upload_max_filesize 10M
|
|
php_value post_max_size 10M
|
|
php_value memory_limit 128M
|
|
php_value max_execution_time 30
|
|
</IfModule>
|