# ==============================================================================
# Lux Studio Frontend - Minimal Security Configuration
# ==============================================================================

# Disable directory listing
Options -Indexes +FollowSymLinks

# ==============================================================================
# React Router - Client-Side Routing
# ==============================================================================

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /lux-studio/

  # Don't rewrite requests for real files or directories
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d

  # Rewrite all other requests to index.html for client-side routing
  RewriteRule ^ index.html [L]
</IfModule>

# ==============================================================================
# Security - Block Sensitive Files
# ==============================================================================

# Block access to hidden files (., .env, .git, etc.)
<FilesMatch "^\.">
  Require all denied
</FilesMatch>

# Block access to source map files in production
<FilesMatch "\.map$">
  Require all denied
</FilesMatch>

# Block access to package files
<FilesMatch "(package\.json|package-lock\.json|composer\.json|composer\.lock)$">
  Require all denied
</FilesMatch>

# ==============================================================================
# Basic Security Headers
# ==============================================================================

<IfModule mod_headers.c>
  # Prevent MIME type sniffing
  Header set X-Content-Type-Options "nosniff"

  # Prevent clickjacking
  Header set X-Frame-Options "SAMEORIGIN"
</IfModule>

# ==============================================================================
# END CONFIGURATION
# ==============================================================================
