##
## PHREEZE ACCESS RULES FOR APACHE
## VERSION 1.3.2
##

## PHP ERROR REPORTING
# php_flag display_errors 1
# php_value error_reporting 1 # (or 8191 for all errors)
# php_flag asp_tags 0

## PHP SESSION SECURITY
# php_value session.cookie_httponly 1
# php_value session.use_only_cookies 1

## PHP FILE UPLOAD LIMITS
# php_value upload_max_filesize 3M
# php_value post_max_size 3M
# php_value max_execution_time 200
# php_value max_input_time 200
# php_value max_input_vars 3000
# php_value date.timezone 'Asia/Bangkok'

<IfModule mod_rewrite.c>
	Options +FollowSymLinks
	Options -MultiViews
	RewriteEngine On

	SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

    # TODO disable production
	# Header set X-Robots-Tag "noindex, nofollow"

	## TODO: some hosts require the app root must be specified
	# RewriteBase /

    #----HEADER ORIGIN--
    # http://stackoverflow.com/questions/14003332/access-control-allow-origin-wildcard-subdomains-ports-and-protocols
    # Define the root domain that is allowed
    SetEnvIf Origin .+ ACCESS_CONTROL_ROOT=www.thebetter.co.th
    # Check that the Origin: matches the defined root domain and capture it in
    # an environment var if it does
    RewriteEngine On
    RewriteCond %{ENV:ACCESS_CONTROL_ROOT} !=""
    RewriteCond %{ENV:ACCESS_CONTROL_ORIGIN} =""
    RewriteCond %{ENV:ACCESS_CONTROL_ROOT}&%{HTTP:Origin} ^([^&]+)&(https?://(?:.+?\.)?\1(?::\d{1,5})?)$
    RewriteRule .* - [E=ACCESS_CONTROL_ORIGIN:%2]
    # Set the response header to the captured value if there was a match
    Header set Access-Control-Allow-Origin %{ACCESS_CONTROL_ORIGIN}e env=ACCESS_CONTROL_ORIGIN
    #----HEADER ORIGIN--

    # ensure redirect to https://www
    #RewriteCond %{HTTP_HOST} !^www\.
    #RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

    #RewriteCond %{HTTPS} off
    #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

	# Optionally disable trace request method for security
	# RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
	# RewriteRule .* - [F]

	# Redirect all requests to index.php unless the directory, file or link exists
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_FILENAME} !-l
	RewriteRule (.*) index.php?_REWRITE_COMMAND=$1 [QSA,L]
</IfModule>


## SPEED UP WEBSITE ##
# TN START GZIP COMPRESSION
<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
# TN END GZIP COMPRESSION

# TN START DEFLATE COMPRESSION
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE "application/atom+xml" \
"application/javascript" \
"application/json" \
"application/ld+json" \
"application/manifest+json" \
"application/rdf+xml" \
"application/rss+xml" \
"application/schema+json" \
"application/vnd.geo+json" \
"application/vnd.ms-fontobject" \
"application/x-font" \
"application/x-font-opentype" \
"application/x-font-otf" \
"application/x-font-truetype" \
"application/x-font-ttf" \
"application/x-javascript" \
"application/x-web-app-manifest+json" \
"application/xhtml+xml" \
"application/xml" \
"font/eot" \
"font/otf" \
"font/ttf" \
"font/opentype" \
"image/bmp" \
"image/svg+xml" \
"image/vnd.microsoft.icon" \
"image/x-icon" \
"text/cache-manifest" \
"text/css" \
"text/html" \
"text/javascript" \
"text/plain" \
"text/vcard" \
"text/vnd.rim.location.xloc" \
"text/vtt" \
"text/x-component" \
"text/x-cross-domain-policy" \
"text/xml"
</IfModule>
# END DEFLATE COMPRESSION

# TN START ENABLE KEEP ALIVE
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
# TN END ENABLE KEEP ALIVE