<IfModule mod_headers.c>
  #################################
  ## Hardening Headers
  ## See https://securityheaders.io
  #################################
  Header always set X-Powered-By: -
  Header set X-XSS-Protection "1; mode=block"
# Header set X-Frame-Options "SAMEORIGIN"
  Header set X-Content-Type-Options "nosniff"
  Header set Referrer-Policy "same-origin"
#  Header set Feature-Policy "geolocation 'self'; vibrate 'none'"
  Header set Permissions-Policy "geolocation=(self)"

#frutsels jho start
   # Header set Access-Control-Allow-Origin "https://cmdb.vicus.nl"
   # SetEnvIf Origin "^(.*\.vicus\.nl)$" ORIGIN_SUB_DOMAIN=$1
   # Header set Access-Control-Allow-Origin: "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
#frutsels jho end

  # Header set Permissions-Policy "geolocation 'self'"
  # jho: https://use.fontawesome.com toegegevoegd
  # jho: https://www.googletagmanager.com toegevoegd
  # jho: htpps://www.google-analytics.com/analytics.js toegevoegd
  Header set Content-Security-Policy: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data: https://www.gstatic.com/charts/ https://www.vicus.nl/piwik/ https://www.vicus.nl/info/ https://static.hotjar.com https://script.hotjar.com https://api.webvisitanalyser.nl https://use.fontawesome.com https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://fonts.googleapis.com https://api.salesfeed.com ; style-src 'self' 'unsafe-inline' https://www.gstatic.com/charts/  https://use.fontawesome.com https://fontawesome.com //fonts.googleapis.com; frame-ancestors 'self' https://castellum.vicus.nl/ https://autoresponder.vicus.nl/; "
  Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
</IfModule>

# avoid directory listing
Options -Indexes

RewriteEngine on

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

# redirect for a single file
#RewriteCond %{HTTP_HOST} ^castellum\.vicus\.nl$ [NC]
#RewriteCond %{THE_REQUEST} ^/vema_hub\.php [NC]
#RewriteRule ^vema_hub\.php$ https://autoresponder.vicus.nl/$1 [R,L]

#RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /vema_hub\.php
#RewriteRule ^/vema_hub\.php$ https://autoresponder.vicus.nl/$1 [R,L]

# deze werkt
# Redirect 301 /subscribe https://autoresponder.vicus.nl/vema_hub.php?a=subscribe$1

# Forcing HTTPS
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{SERVER_PORT} 80

# Pages to Apply
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

<IfModule mod_headers.c>
   SetEnvIf Origin "^(.*\.vicus\.nl)$" ORIGIN_SUB_DOMAIN=$1
   Header set Access-Control-Allow-Origin: "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
   Header set Access-Control-Allow-Methods: "*"
   Header set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, Authorization"
</IfModule>

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php5_module>
   php_flag asp_tags Off
   php_flag display_errors On
   php_value max_execution_time 300
   php_value max_input_time 600
   php_value max_input_vars 10000
   php_value memory_limit 2000M
   php_value post_max_size 50M
   php_value session.gc_maxlifetime 28800
   php_value session.save_path "/tmp"
   php_value upload_max_filesize 50M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag asp_tags Off
   php_flag display_errors On
   php_value max_execution_time 300
   php_value max_input_time 600
   php_value max_input_vars 10000
   php_value memory_limit 2000M
   php_value post_max_size 50M
   php_value session.gc_maxlifetime 28800
   php_value session.save_path "/tmp"
   php_value upload_max_filesize 50M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

ErrorDocument 403 "Forbidden"
ErrorDocument 404 "Not found"

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php72” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php72 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
