Options -Indexes
Options +FollowSymLinks
AddDefaultCharset UTF-8

# ─── mod_security devre dışı (paylaşımlı hosting uyumlu) ───
<IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>
<IfModule mod_security2.c>
    SecRuleEngine Off
</IfModule>

# ─── PHP limit ayarları ─────────────────────────────────────
<IfModule mod_php8.c>
    php_value upload_max_filesize 20M
    php_value post_max_size 24M
    php_value max_execution_time 120
    php_value memory_limit 256M
    php_flag expose_php Off
    php_flag session.cookie_httponly On
    php_value session.gc_maxlifetime 7200
</IfModule>
<IfModule mod_php7.c>
    php_value upload_max_filesize 20M
    php_value post_max_size 24M
    php_value max_execution_time 120
    php_value memory_limit 256M
    php_flag expose_php Off
    php_flag session.cookie_httponly On
    php_value session.gc_maxlifetime 7200
</IfModule>

RewriteEngine On
RewriteBase /

# Admin - doğrudan geçir
RewriteRule ^admin(/.*)?$   - [L]
RewriteRule ^modules(/.*)?$ - [L]
RewriteRule ^install(/.*)?$ - [L]

# Gerçek dosya/dizin - doğrudan geçir
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

# PHP dosyaları
RewriteRule \.php$ - [L]

# SEO URL'ler
RewriteRule ^hakkimizda/?$   pages/page.php?slug=hakkimizda [L,QSA]
RewriteRule ^iletisim/?$     pages/contact.php [L,QSA]
RewriteRule ^galeri/?$       pages/gallery.php [L,QSA]
RewriteRule ^bakkal/?$       pages/shop.php [L,QSA]
RewriteRule ^savas-koyu/?$   pages/village.php [L,QSA]
RewriteRule ^faaliyetler/?$  pages/activities.php [L,QSA]
RewriteRule ^projeler/?$     pages/projects.php [L,QSA]
RewriteRule ^destek/?$       pages/support.php [L,QSA]
RewriteRule ^gizlilik/?$     pages/privacy.php [L,QSA]
RewriteRule ^kvkk/?$         pages/kvkk.php [L,QSA]
RewriteRule ^etkinlikler/?$  pages/events.php [L,QSA]
RewriteRule ^arama/?$        pages/search.php [L,QSA]

# Dinamik sayfalar
RewriteRule ^([a-z0-9][a-z0-9-]*)/?$ pages/page.php?slug=$1 [L,QSA]

# Güvenlik başlıkları
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
</IfModule>

# Hassas dosyaları engelle
<FilesMatch "\.(sql|log|env|bak|lock)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Gzip
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/css application/javascript text/plain
</IfModule>

# Cache
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/png  "access plus 1 month"
    ExpiresByType image/webp "access plus 1 month"
    ExpiresByType text/css   "access plus 1 week"
    ExpiresByType application/javascript "access plus 1 week"
</IfModule>
