# Custom 404 page
ErrorDocument 404 /404.html

# Force HTTPS and WWW
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.sattursrigowthamcrackers\.com$ [NC]
RewriteRule ^(.*)$ https://www.sattursrigowthamcrackers.com/$1 [R=301,L]

# Extra Security Headers
<IfModule mod_headers.c>
  Header always set X-Frame-Options "SAMEORIGIN"
  Header always set X-Content-Type-Options "nosniff"
  Header always set Referrer-Policy "strict-origin-when-cross-origin"
  Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
  Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

# Block bad bots
<IfModule mod_setenvif.c>
  BrowserMatchNoCase "curl|wget|postman|httpclient|libwww" bad_bot
</IfModule>

# Block direct file access
<IfModule mod_setenvif.c>
  SetEnvIfNoCase Referer "^https?://(www\.)?sattursrigowthamcrackers\.com" good_ref
</IfModule>

<Files "pricelist_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "otp_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "user_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "direct_order_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "order_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "product_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "category_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "settings_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<Files "customer_changes.php">
  <RequireAll>
    Require env good_ref
  </RequireAll>
</Files>

<RequireAll>
  Require all granted
  Require not env bad_bot
</RequireAll>
<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 49.43.250.158
deny from 223.237.177.195
deny from 49.43.250.170
