# PHP hata raporlamasını kapat
php_flag display_errors off

# Dizin listelemeyi kapat
Options -Indexes

# Varsayılan karakter seti
AddDefaultCharset UTF-8

# Güvenlik başlıkları
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# MIME türlerini güvenli hale getir
<IfModule mod_mime.c>
    AddType application/javascript .js
    AddType text/css .css
    AddType image/svg+xml .svg
    AddType application/font-woff .woff
    AddType application/font-woff2 .woff2
    AddType application/vnd.ms-fontobject .eot
    AddType application/x-font-ttf .ttf
</IfModule>

# Sıkıştırma
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>

# Önbellek kontrolü
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/x-javascript "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 2 days"
</IfModule>

# URL yönlendirmeleri
RewriteEngine On

# www'suz URL'ye yönlendir
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]

# SEO dostu URL'ler
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Sayfa yönlendirmeleri
RewriteRule ^sayfa/([^/]+)/?$ sayfa.php?slug=$1 [L,QSA]
RewriteRule ^yazi/([^/]+)/?$ yazi-detay.php?slug=$1 [L,QSA]
RewriteRule ^mevzuat/([^/]+)/?$ mevzuat-detay.php?slug=$1 [L,QSA]
RewriteRule ^ictihat/([^/]+)/?$ ictihat-detay.php?slug=$1 [L,QSA]

# Özel sayfalar için yönlendirmeler
RewriteRule ^hakkimizda/?$ hakkimizda.php [L]
RewriteRule ^iletisim/?$ iletisim.php [L]
RewriteRule ^randevu/?$ randevu.php [L]
RewriteRule ^kariyer/?$ kariyer.php [L]
RewriteRule ^e-tahsilat/?$ e-tahsilat.php [L]
RewriteRule ^galeri/?$ galeri.php [L]
RewriteRule ^yazilar/?$ yazilar.php [L]
RewriteRule ^mevzuat/?$ mevzuat.php [L]
RewriteRule ^ictihat/?$ ictihat.php [L]

# Yasaklı dosyalara erişimi engelle
<FilesMatch "^(\.htaccess|\.htpasswd|\.git|\.env|composer\.json|composer\.lock|package\.json|package-lock\.json)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# PHP dosyalarını koru
<FilesMatch "\.php$">
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
    Allow from ::1
    Allow from localhost
    Allow from %{HTTP_HOST}
</FilesMatch>

# Admin klasörünü koru
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/admin/
    RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$
    RewriteCond %{REMOTE_ADDR} !^::1$
    RewriteCond %{HTTP_HOST} !^localhost
    RewriteRule ^admin/ - [F]
</IfModule>

# Hata sayfaları
ErrorDocument 400 /hata.php
ErrorDocument 401 /hata.php
ErrorDocument 403 /hata.php
ErrorDocument 404 /hata.php
ErrorDocument 500 /hata.php 