Announcements

  • Testing article

    2025-07-09

    # Use mod_rewrite to enable "Clean URLs"
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Allow PUT, DELETE, OPTIONS methods (OJS API needs this)
    RewriteCond %{REQUEST_METHOD} ^(PUT|DELETE|OPTIONS)$
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect index.php requests to remove it from URL
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [QSA,L]
    </IfModule>

    # Allow additional HTTP methods explicitly
    <LimitExcept GET POST PUT DELETE OPTIONS>
    Deny from all
    </LimitExcept>

    # Protect sensitive files
    <FilesMatch "\.(htaccess|htpasswd|ini|log|conf|env)$">
    Order Allow,Deny
    Deny from all
    </FilesMatch>

    # Prevent directory browsing
    Options -Indexes

    # Optional: Basic security headers
    <IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
    </IfModule>

    Read more about Testing article