RewriteEngine On RewriteBase / # Force HTTPS RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # API Proxy - Forward /api requests to Python backend # Update the proxy URL to match your cPanel Python app configuration RewriteCond %{REQUEST_URI} ^/api/(.*)$ RewriteRule ^api/(.*)$ http://localhost:YOUR_PYTHON_APP_PORT/api/$1 [P,L] # React Router - Serve index.html for all non-file requests RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule ^ index.html [L] # Enable Gzip Compression AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json # Browser Caching ExpiresActive On ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType application/json "access plus 1 week" # Security Headers Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" Header set X-XSS-Protection "1; mode=block" # Protect .env file Order allow,deny Deny from all