# Reencaminhamento para endereço HTTPS
RewriteCond %{HTTP_HOST} !=localhost 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



# Ocultar os Erros do PHP  --------   Change mod_php5.c to mod_php7.c if you are running PHP7
<IfModule mod_php5.c>
  php_flag display_errors Off
</IfModule>


# Header X-Frame-Options para evitar ataques ClickJacking ---- Opções: X-Frame-Options: negar | X-Frame-Options: sameorigin | X-Frame-Options: permitir-a partir de https://example.com/
Header always append X-Frame-Options SAMEORIGIN


# Header Strict-Transport-Security para indicar a duración de la cabecera HSTS
Header add Strict-Transport-Security "max-age=157680000; includeSubDomains; preload"


# Header X-XSS-Protection para evitar ataques XSS no IE e Chrome
<IfModule mod_headers.c>
  Header set X-XSS-Protection "1; mode=block"
</IfModule>


# Header X-Content-Type-Options para evitar que se carreguem folhas de estilo ou scripts maliciosos
Header set X-Content-Type-Options "nosniff"


# Header Referer-Policy
Header set Referrer-Policy no-referrer-when-downgrade


# Define a permissões para os vários elementos da página (CSS, JS, Fonts, outros)
#Header set Content-Security-Policy "default-src 'none'; font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com; img-src 'self'; script-src 'self'  'unsafe-inline' ; style-src 'self' https://fonts.googleapis.com/; base-uri 'none'"
Header set Content-Security-Policy "default-src 'none';  font-src 'self' https://fonts.gstatic.com; frame-src https://www.google.com; img-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; form-action 'self'; base-uri 'none'; frame-ancestors 'none' "



# Header Feature-Policy
Header set Feature-Policy "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'"





##############################################################################################
#
#                			FUNCIONALIDADES
#
##############################################################################################

# Redireciona o utilizador para uma página de erro no caso de não existir
#ErrorDocument 404 /projetos/3___website-template/pagina-nao-encontrada.php

#ErrorDocument 404 ~/htdocs/www/domainname/pagina-nao-encontrada.php


#php_value upload_max_filesize 120M
#php_value post_max_size 120M
#php_value max_execution_time 200
#php_value max_input_time 200

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
