|
- <IfModule mod_rewrite.c>
- <IfModule mod_negotiation.c>
- Options -MultiViews -Indexes
- </IfModule>
-
- RewriteEngine On
-
- # ローカル判定
- SetEnvIf HOST "^localhost.*$" isLocal
- #ステージング判定
- SetEnvIf HOST "^15.152.39.28$" isStaging
- #本番判定
- SetEnvIf HOST "^qrs\.hello-techno-network\.com$" isProduction
-
- # SSL強制
- RewriteCond %{ENV:isLocal} !-
- RewriteCond %{ENV:isStaging} !-
- RewriteCond %{HTTPS} off
- RewriteRule ^(.*)$ https://qrs.hello-techno-network.com/$1 [R=301,L]
-
- # ドメインアクセス強制
- RewriteCond %{ENV:isLocal} !-
- RewriteCond %{ENV:isStaging} !-
- RewriteCond %{HTTP_HOST} ^\d+\.\d+\.\d+\.\d+$
- RewriteRule ^(.*)$ https://qrs.hello-techno-network.com/$1 [R=301,L]
-
- Header unset X-Powered-By
-
- Header set "Content-Security-Policy" "default-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: api.iconify.design;font-src 'self' fonts.gstatic.com;frame-ancestors 'none';form-action 'self';connect-src 'self' https:" env=!isLocal
-
- Header set "X-Frame-Options" "deny"
-
- Header set "Cache-Control" "no-cache, no-store, must-revalidate"
-
- # Handle Authorization Header
- RewriteCond %{HTTP:Authorization} .
- RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
- # Redirect Trailing Slashes If Not A Folder...
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_URI} (.+)/$
- RewriteRule ^ %1 [L,R=301]
-
- # Send Requests To Front Controller...
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule ^ index.php [L]
-
- # 以下、ファイルアクセス
- # リソース判定
- SetEnvIf Request_URI "^\/static\/js\/.+\.js$" isJsFile=yes
- SetEnvIf Request_URI "^\/static\/css\/.+\.css$" isCssFile=yes
- SetEnvIf Request_URI "^\/fonts\/.+$" isFontFile=yes
-
- Header set "Cache-Control" "private, no-cache" env=isJsFile
- Header set "Cache-Control" "private, no-cache" env=isCssFile
- Header set "Cache-Control" "private, no-cache" env=isFontFile
-
- Header set "X-Content-Type-Options" "nosniff"
-
- </IfModule>
|
