# rewrite rules
<IfModule mod_rewrite.c>
	# these are required for "per-directory rewrites"
	Options FollowSymLinks
	RewriteEngine On

	# uncomment following line if your webserver's URL is not directly related to physical file paths.
	RewriteBase /

	# remove the need for .php extension
	RewriteRule ^donate$ donate.php [NC]

	# redirect http -> https
	RewriteCond %{HTTPS} off
	RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [END,R=301]

	# redirect from top level domain to www
	RewriteCond %{HTTP_HOST} !^www\. [NC]
	RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=301]

	<IfModule mod_headers.c>
		Header always set Strict-Transport-Security "max-age=31536000"

		Header always set X-Frame-Options "SAMEORIGIN"
		Header always set X-XSS-Protection "1; mode=block"
		Header always set X-Content-Type-Options "nosniff"

		Header always set Referrer-Policy "same-origin"
	</IfModule>
</IfModule>

# control "max-age" & "Cache-Control" in HTTP header
<IfModule mod_expires.c>
	# for etag, exclude INode
	FileETag All -INode

	ExpiresActive On
	ExpiresDefault "access plus 7 days"

	ExpiresByType text/css  "access plus 2 hours"
	ExpiresByType text/html "access plus 2 hours"
</IfModule>
