### Rewrite Rules Added by CyberPanel Rewrite Rule Generator

RewriteEngine On
RewriteCond %{HTTPS}  !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

### End CyberPanel Generated Rules.

# Epic Travel & Expeditions - CyberPanel LiteSpeed Configuration
DirectoryIndex index.html index.php

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

# API Routes - Direct to PHP backend
RewriteCond %{REQUEST_URI} ^/api/
RewriteRule ^api/(.*)$ api/api/$1 [L,QSA]

# Admin setup page
RewriteRule ^setup/?$ setup_password.php [L]

# Static files and directories - serve directly
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

# React Router - All other routes to index.html
RewriteRule ^ index.html [L]
</IfModule>

# Security Headers
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
Header set X-Frame-Options "SAMEORIGIN"
Header set X-XSS-Protection "1; mode=block"
</IfModule>

# Enable CORS for API
<FilesMatch "\.(php)$">
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type, Authorization"
</FilesMatch>

# Disable directory browsing
Options -Indexes +FollowSymLinks

# PHP Settings
<IfModule mod_php.c>
php_value upload_max_filesize 10M
php_value post_max_size 10M
php_value memory_limit 256M
php_value max_execution_time 300
</IfModule>

# Force use of index.html
<IfModule mod_dir.c>
DirectoryIndex index.html index.php
</IfModule>