.htaccess

############################################
## default index file
DirectoryIndex index.php

############################################
## Prevent character encoding issues from server overrides
AddDefaultCharset Off

############################################
## custom Server-Error-Documents
ErrorDocument 404 /404.php

<IfModule mod_env.c>
   SetEnv PHPRC ** full-server-path **/.user.ini
</IfModule>

<IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<IfModule mod_rewrite.c>
    ############################################
    ## enable rewrites
    RewriteEngine On
    RewriteBase /

    ############################################
    ## Rewrite-Conditions Admin
    RewriteRule ^admin_(.*)$ /admin/$1 [L]
    RewriteRule ^admin$ /admin/index.php? [L]
    RewriteRule ^index\.php/admin$ /admin/index.php? [L]

    ############################################
    ## Rewrite-Conditions Ajax
    RewriteRule ^ajax_(.*)$ /ajax/$1 [L]

    ############################################
    ## Rewrite-Conditions Frontend
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d

    RewriteRule ^index/([^/]+)$ /index.php?page=$1 [L,QSA]
    RewriteRule ^index\.php/([^/]+)$ /index.php?page=$1 [L,QSA]

    RewriteCond %{REQUEST_URI} !^/index.php
    RewriteRule ^([^/]+)$ /index.php?page=$1 [L,QSA]

    ############################################
    ## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]
</IfModule>

<IfModule mod_php8.c>
    ############################################
    ## PHP-Error-LOG
    php_flag log_errors on
    php_value error_log ** full-server-path **/var/log/php_errors.log

    ############################################
    ## Session-Configuration
    php_value session.gc_probability 1
    php_value session.gc_divisor 100
    php_value session.gc_maxlifetime 86400
    
    ############################################
    ## Speicherlimit
    php_value memory_limit 2048M
</IfModule>

<IfModule mod_ssl.c>
    ############################################
    ## make HTTPS env vars available for CGI mode
    SSLOptions StdEnvVars
</IfModule>

<IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-Content-Type-Options "nosniff"
    Header set X-Powered-By "RenPy-Translatior"
    Header set Referrer-Policy "same-origin"
    Header set Feature-Policy "geolocation 'self'; vibrate 'none';"
    Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;"
    Header set X-Content-Security-Policy "default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;"
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomain; preload;"
</IfModule>