# Hosting del Sur — .htaccess # Generado para el sitio estático Astro RewriteEngine On # HTTPS forzado RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L] # www → no-www RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L] # Quitar .html de la URL (limpieza opcional) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} ^(.+)\.html$ [NC] RewriteRule ^(.+)\.html$ /$1 [R=301,L] # Compresión gzip AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript application/json image/svg+xml application/xml font/woff2 # Cache-control ExpiresActive On ExpiresByType image/avif "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType text/css "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType font/woff2 "access plus 1 year" ExpiresByType text/html "access plus 1 hour" # Security headers Header set X-Content-Type-Options "nosniff" Header set X-Frame-Options "SAMEORIGIN" Header set Referrer-Policy "strict-origin-when-cross-origin" Header set Permissions-Policy "geolocation=(), microphone=(), camera=()" Header set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS # Proteger archivos sensibles Require all denied Require all denied # No listado de directorios Options -Indexes +Includes # Páginas de error custom ErrorDocument 404 /404.shtml ErrorDocument 500 /500.shtml # Habilitar SSI para .shtml (cPanel lo desactiva por default) AddType text/html .shtml AddHandler server-parsed .shtml Options +Includes