# ==========================================
# HTACCESS - SISTEMA KARDEX
# Configuración de URLs limpias
# ==========================================

# Activar RewriteEngine
<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # Establecer la base de la aplicación
    # Si tu proyecto está en la raíz: RewriteBase /
    # Si está en una carpeta: RewriteBase /nombre_carpeta/public/
    RewriteBase /sistema_kardex/public/
    
    # Permitir acceso directo a archivos y directorios existentes
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    
    # Redirigir todo a index.php
    RewriteRule ^(.*)$ index.php?route=$1 [QSA,L]
</IfModule>

# ==========================================
# SEGURIDAD
# ==========================================

# Prevenir listado de directorios
Options -Indexes

# Proteger archivos sensibles
<FilesMatch "^(\.htaccess|\.env|composer\.json|composer\.lock|package\.json)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# ==========================================
# CACHÉ Y RENDIMIENTO
# ==========================================

# Habilitar compresión
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
</IfModule>

# Establecer cabeceras de caché
<IfModule mod_expires.c>
    ExpiresActive On
    
    # Imágenes
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType image/x-icon "access plus 1 year"
    
    # CSS y JavaScript
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    
    # Fuentes
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType font/woff "access plus 1 year"
    ExpiresByType font/ttf "access plus 1 year"
    ExpiresByType application/font-woff "access plus 1 year"
</IfModule>

# ==========================================
# CONFIGURACIÓN DE PHP
# ==========================================

# Aumentar límites de carga (ajustar según necesidad)
php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 300
php_value max_input_time 300

# ==========================================
# CABECERAS DE SEGURIDAD
# ==========================================

# Prevenir clickjacking
Header always set X-Frame-Options "SAMEORIGIN"

# Prevenir MIME type sniffing
Header always set X-Content-Type-Options "nosniff"

# Habilitar XSS Protection
Header always set X-XSS-Protection "1; mode=block"

# Política de referencia
Header always set Referrer-Policy "no-referrer-when-downgrade"