# Disable directory browsing
Options -Indexes
<IfModule mod_rewrite.c>
	Options +FollowSymlinks
	RewriteEngine On
	# Force HTTPS
	RewriteCond %{HTTPS} off
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
	# Redirect www to non-www (works for both HTTP and HTTPS)
	RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
	RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
	
	# Bypass CI4 routing for API files - ADD THIS LINE
	RewriteRule ^api/badge-verify\.php$ api/badge-verify.php [L]
	
	# Handle Front Controller...
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
	# Ensure Authorization header is passed along
	RewriteCond %{HTTP:Authorization} .
	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<IfModule !mod_rewrite.c>
	ErrorDocument 404 index.php
</IfModule>
# Prevent caching of PHP files and dynamic content
<IfModule mod_headers.c>
	# Prevent caching of PHP files
	<FilesMatch "\.(php|phtml)$">
		Header set Cache-Control "no-cache, no-store, must-revalidate"
		Header set Pragma "no-cache"
		Header set Expires 0
	</FilesMatch>
	
	# Force browsers to always check for updated files during development
	Header unset ETag
	FileETag None
</IfModule>
# Disable server signature
ServerSignature Off

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php81” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php81 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
