SetEnv SERVER_ADMIN hi@domain.tld
SetEnv TZ Europe/Stockholm

DefaultLanguage sv-SE
AddDefaultCharset UTF-8
Options All -Indexes
IndexIgnore *
LimitRequestBody 10240000

<Files .htaccess>
	order allow,deny
	deny from all
</Files>

<IfModule mod_headers.c>
	Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
	Header always set X-Frame-Options "SAMEORIGIN"
	#Header always set Content-Security-Policy "default-src 'self'; img-src 'self'"
	Header always set X-Frame-Options "ALLOW-FROM URL"
	Header always set X-Content-Type-Options nosniff
	Header always set Referrer-Policy "same-origin"
	Header always set Permissions-Policy "encrypted-media=(),fullscreen=*"
</IfModule>



<IfModule mod_rewrite.c>
	DirectoryIndex index.php

	ErrorDocument 403 /template/page-errors.php?err=403
	ErrorDocument 404 /template/page-errors.php?err=404
	ErrorDocument 500 /template/page-errors.php?err=500

	RewriteEngine On
	RewriteBase /template/

	RewriteCond %{REQUEST_METHOD} !^(GET|POST)
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_FILENAME} !-f

	RewriteRule ^$    index.php
</IfModule>