# ====================== .htaccess for /clients/ecobe/admin ======================

RewriteEngine On

# IMPORTANT: Do NOT rewrite any URLs - Express app handles everything
# We removed all old static HTML rewrites because it's now a dynamic Node.js app

# Prevent access to sensitive folders
RewriteRule ^(\.env|src/db/|node_modules|server\.js) - [F,L]
LimitRequestBody 10485760

# ====================== CLOUDLINUX PASSENGER CONFIG ======================

# DO NOT REMOVE. CLOUDLINUX PASSENGER CONFIGURATION
PassengerAppRoot "/home/vianaflx/vianexu.com/clients/ecobe/admin"
PassengerBaseURI "/clients/ecobe/admin"
PassengerNodejs "/home/vianaflx/nodevenv/vianexu.com/clients/ecobe/admin/22/bin/node"
PassengerAppType node
PassengerStartupFile server.js

# Optional: Improve performance and security
PassengerFriendlyErrorPages off
PassengerMaxInstances 1
PassengerMaxPoolSize 1

# ====================== SECURITY HEADERS ======================
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set Referrer-Policy "strict-origin-when-cross-origin"

# ====================== DISABLE DIRECTORY LISTING ======================
Options -Indexes

# DO NOT REMOVE OR MODIFY. CLOUDLINUX ENV VARS CONFIGURATION
<IfModule Litespeed>
</IfModule>