a1971f9515
Groups is fully removed: No homepage navigation, Account feature, tier setting, API, or client code. Legacy group tables, entitlements, messages, voice files, and config are purged automatically. New cache-busted client: cyberchat-app.js?v=20260609.3. Browser and SQLite migration tests passed with no console errors.
37 lines
1.0 KiB
ApacheConf
37 lines
1.0 KiB
ApacheConf
# CyberChat .htaccess — Apache configuration
|
|
|
|
# Deny direct access to databases and the credential-bearing config file
|
|
<FilesMatch "(^config\.json$|\.sqlite($|-wal$|-shm$))">
|
|
<IfModule mod_authz_core.c>
|
|
Require all denied
|
|
</IfModule>
|
|
<IfModule !mod_authz_core.c>
|
|
Order Allow,Deny
|
|
Deny from all
|
|
</IfModule>
|
|
</FilesMatch>
|
|
|
|
# Always revalidate HTML so new asset versions take effect immediately.
|
|
<IfModule mod_headers.c>
|
|
<FilesMatch "\.(html?)$">
|
|
Header set Cache-Control "no-cache, no-store, must-revalidate"
|
|
Header set Pragma "no-cache"
|
|
Header set Expires "0"
|
|
</FilesMatch>
|
|
</IfModule>
|
|
|
|
# Deny direct access to storage and internal PHP libraries
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine On
|
|
RewriteRule ^db/ - [F,L]
|
|
RewriteRule ^archive/ - [F,L]
|
|
RewriteRule ^lib/ - [F,L]
|
|
</IfModule>
|
|
|
|
# PHP settings (if allowed by host)
|
|
<IfModule mod_php.c>
|
|
php_value session.cookie_httponly 1
|
|
php_value session.cookie_samesite Strict
|
|
php_value session.use_strict_mode 1
|
|
</IfModule>
|