

Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/


Current File : /home/gositeme/domains/soundstudiopro.com/private_html/.htaccess
# .htaccess for SoundStudioPro.com - Advanced SEO Optimization
# Comprehensive configuration for better search engine rankings

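# Enable mod_rewrite for this directory. The rules in this file are evaluated
# top to bottom and most end with [L], so their relative order matters.
RewriteEngine On

# ============================================
# SECURITY: Block Access to Sensitive Files
# ============================================
# Every rule in this section answers 403 Forbidden ([F]) and stops rewriting.
# A pattern without a leading ^ can match anywhere in the request path.

# Block access to .md files (security - contains sensitive system information)
RewriteRule \.md$ - [F,L]

# Block access to test files (security - exposes system internals)
# NOTE(review): this is a prefix match on any path segment, so it also forbids
# unrelated URLs such as /testimonials or /special-offer, and any custom
# profile URL that begins with "test" or "spec". The "tests" alternative is
# already covered by "test". Confirm the breadth is intended before tightening.
RewriteRule (^|/)(test|spec|tests) - [F,L]

# Block access to debug files (security - exposes debugging information)
# "debug_" is already covered by "debug"; same prefix-match caveat as above.
RewriteRule (^|/)(debug|debug_) - [F,L]

# Block access to version-control metadata (.git, .svn, .hg) at any depth.
# The (^|/) prefix also covers a repository checked out in a subdirectory,
# which a root-only ^\.git pattern would leave readable. Files inside such a
# directory have ordinary names, so filename-based <FilesMatch> rules cannot
# protect them; the directory itself has to be matched here.
RewriteRule (^|/)\.(git|svn|hg) - [F,L]

# Block access to IDE/editor directories at any depth
RewriteRule (^|/)\.(idea|vscode|sublime|phpstorm) - [F,L]

# Block access to config directory (security - contains sensitive configuration)
# Root-level only: a config/ directory nested deeper is not matched.
RewriteRule ^config/ - [F,L]

# Block access to migrations directory (security - database structure exposure)
RewriteRule ^migrations/ - [F,L]

# Block access to task_results directory (security - contains callback data)
RewriteRule ^task_results/ - [F,L]

# Block access to logs directory (security - contains sensitive log data)
RewriteRule ^logs/ - [F,L]

# Fix accidental trailing slash on static assets (e.g. /assets/js/file.js/)
# The redirect target is path-only (/$1), so the current host is kept as-is.
RewriteRule ^(.+\.(js|css|png|jpe?g|gif|svg|webp|mp3|m4a|wav))/$ /$1 [R=301,L,NC]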

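# Security response headers (sent only when mod_headers is loaded).
# "always" attaches the header to error responses as well as successful ones.
<IfModule mod_headers.c>
    # X-Content-Type-Options - Prevents MIME type sniffing
    Header always set X-Content-Type-Options nosniff

    # X-Frame-Options - Prevents clickjacking. Legacy counterpart of the
    # frame-ancestors 'none' directive in the Content-Security-Policy below.
    Header always set X-Frame-Options DENY

    # X-XSS-Protection - explicitly switch off the legacy browser XSS auditor.
    # Current browsers have removed the auditor, and "1; mode=block" had known
    # weaknesses in the older ones that still honour it; current guidance is to
    # send 0 (or omit the header) and rely on the Content-Security-Policy.
    Header always set X-XSS-Protection "0"

    # Referrer Policy - Controls referrer information
    Header always set Referrer-Policy "strict-origin-when-cross-origin"

    # Strict Transport Security (HSTS) - Forces HTTPS for 1 year
    # Browsers honour this header only on HTTPS responses.
    # NOTE(review): includeSubDomains and preload are long-lived commitments;
    # every subdomain must already serve valid HTTPS - confirm before relying on it.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

    # Permissions Policy - Restricts browser features
    Header always set Permissions-Policy "geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()"

    # Content Security Policy (adjust as needed for your site)
    # NOTE(review): script-src allows 'unsafe-inline' and 'unsafe-eval', so this
    # policy does little to stop injected script; nonces or hashes would be the
    # tightening step. img-src, media-src and connect-src accept any https:
    # origin, which makes the explicit https://api.stripe.com entry redundant.
    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://fonts.googleapis.com https://js.stripe.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https: https://api.stripe.com; media-src 'self' https:; frame-src 'self' https://js.stripe.com; frame-ancestors 'none';"

    # Remove X-Powered-By header for security (hides the PHP version banner)
    Header unset X-Powered-By
</IfModule>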

# HTTPS Redirect for SEO (Force SSL)
# Sends every plain-HTTP request to the same host and path over HTTPS (301).
# NOTE(review): the target is built from the client-supplied Host header;
# redirecting to a fixed canonical hostname would avoid echoing an unexpected
# Host value - confirm which names this virtual host answers for.
# NOTE(review): %{HTTPS} describes the connection to Apache itself; if TLS is
# terminated upstream it may always read "off" - confirm.
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# WWW to non-WWW redirect for consistent domain
# %1 is the host with the leading "www." stripped; $1 is the requested path.
# An http://www. request is redirected twice (HTTPS first, then non-www).
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

# SEO-Friendly URL Redirects and Rewrites
# Redirect old pages to new SEO-optimized ones
# RedirectMatch is a mod_alias directive; it is not part of the mod_rewrite
# rule chain, so the [L] flags in this file do not order it relative to the
# RewriteRules.
# The next line is a disabled redirect kept for reference.
# RedirectMatch 301 ^/community\.php$ /community_fixed.php
RedirectMatch 301 ^/discover\.php$ /community_fixed.php
RedirectMatch 301 ^/music\.php$ /community_fixed.php

# Redirect dashboard.php to library.php (dashboard was removed in favor of library)
# The optional trailing slash also catches /dashboard.php/
RedirectMatch 301 ^/dashboard\.php/?$ /library.php

# Clean URLs for better SEO
# Internal rewrites (no redirect). [QSA] appends the original query string,
# [L] stops rewriting once a rule matches.
# The id routes accept digits only, so the pattern itself rejects other input.
RewriteRule ^track/([0-9]+)/?$ track.php?id=$1 [L,QSA]
RewriteRule ^artist/([0-9]+)/?$ artist_profile_clean.php?id=$1 [L,QSA]
RewriteRule ^crate/([0-9]+)/?$ crate.php?id=$1 [L,QSA]
RewriteRule ^crates/?$ crates.php [L,QSA]
# genre is limited to letters, digits and hyphens.
RewriteRule ^genre/([a-zA-Z0-9-]+)/?$ community_fixed.php?genre=$1 [L,QSA]
# search accepts any characters except "/" and hands them to the script
# unchanged; community_fixed.php must treat the value as untrusted input
# (escape on output, parameterise in queries).
RewriteRule ^search/([^/]+)/?$ community_fixed.php?search=$1 [L,QSA]

# Custom URL routing for user profiles (must come after other specific rules)
# Only match if it's not a file, directory, or existing route
# A single path segment of 3-30 letters, digits or hyphens is passed to
# artist_profile_clean.php as custom_url.
# NOTE(review): the reserved-word list is a prefix match with no terminator,
# so a handle that merely begins with a reserved word (for example
# "cartoon-beats" or "artistry") is skipped as well. If that is meant to stop
# look-alike handles such as "admin-support", keep it; otherwise end the
# group with (/|$).
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(admin|api|auth|assets|uploads|config|includes|artists|tracks|profile|settings|login|register|logout|artist|track|genre|search|community|library|create|dashboard|credits|pricing|terms|privacy|checkout|cart) [NC]
RewriteRule ^([a-zA-Z0-9-]{3,30})/?$ artist_profile_clean.php?custom_url=$1 [L,QSA]

# Note: Routes now go directly to artist_profile_clean.php for better performance
# artist_profile.php redirects to artist_profile_clean.php for backward compatibility

# SEO Landing Pages for High-Value Keywords
# One rule for all landing slugs: the matched slug ($1) is passed through as
# the seo parameter of community_fixed.php. Only the listed slugs match, with
# an optional trailing slash.
RewriteRule ^(free-ai-music-generator|ai-music-software|music-production-software|beat-maker-software|ai-song-generator|royalty-free-music|online-music-maker|ai-beat-maker)/?$ community_fixed.php?seo=$1 [L,QSA]

# Stripe Webhook - Direct mapping without redirect (must come before trailing slash rule)
# Handles both /webhooks/stripe and /webhooks/stripe/ to prevent 301 redirects
# A redirect would be a problem here because clients commonly do not replay a
# POST body after a 301.
# NOTE(review): this endpoint is reachable by anyone; webhooks/stripe.php is
# presumably where the Stripe signature is verified - confirm in the PHP code.
RewriteRule ^webhooks/stripe/?$ webhooks/stripe.php [L]

# Trailing Slash Redirect for Consistency
# Any request that is not an existing file and does not already end in "/"
# is redirected (301) to the same path with a slash appended.
# NOTE(review): this catch-all runs before the rules further down the file
# (sitemap redirect, extensionless .php mapping), so a request such as
# /pricing appears to be redirected to /pricing/ before those rules are
# reached - verify the intended order.
# NOTE(review): the target uses the client-supplied Host header; see the
# HTTPS redirect above for the same consideration.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1/ [L,R=301]

# File Compression for Faster Loading (SEO Factor)
# Same set of media types as before, grouped by family; AddOutputFilterByType
# accepts several types per directive.
# NOTE(review): on Apache 2.4 this directive is provided by mod_filter, which
# the mod_deflate guard does not test for - confirm mod_filter is loaded.
<IfModule mod_deflate.c>
    # Scripts and XML-based documents
    AddOutputFilterByType DEFLATE application/javascript application/rss+xml
    # Fonts
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf
    AddOutputFilterByType DEFLATE application/x-javascript application/xhtml+xml application/xml
    AddOutputFilterByType DEFLATE font/opentype font/otf font/ttf
    # Compressible image formats
    AddOutputFilterByType DEFLATE image/svg+xml image/x-icon
    # Text formats
    AddOutputFilterByType DEFLATE text/css text/html text/javascript text/plain text/xml
</IfModule>

# Browser Caching for Better Page Speed (SEO Factor)
# Sets Expires lifetimes per media type, counted from the time of access.
# Applied only when mod_expires is loaded.
<IfModule mod_expires.c>
    ExpiresActive on
    
    # Images
    # image/jpg is not a registered media type (JPEG is served as image/jpeg);
    # the entry is harmless.
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/svg+xml "access plus 1 month"
    ExpiresByType image/webp "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 year"
    
    # Audio files
    # This file's AddType block maps .mp3 to audio/mpeg, so the audio/mp3
    # entry only applies if something else emits that type.
    ExpiresByType audio/mpeg "access plus 1 month"
    ExpiresByType audio/mp3 "access plus 1 month"
    ExpiresByType audio/wav "access plus 1 month"
    ExpiresByType audio/ogg "access plus 1 month"
    
    # CSS and JavaScript
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    
    # Fonts
    ExpiresByType font/ttf "access plus 1 year"
    ExpiresByType font/otf "access plus 1 year"
    ExpiresByType font/woff "access plus 1 year"
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType application/font-woff "access plus 1 year"
    
    # Default
    # Applies to every other type, including PHP-generated HTML unless the
    # script or a later header overrides it.
    ExpiresDefault "access plus 1 week"
</IfModule>

# Cache-Control Headers
# Per-extension caching policy, applied only when mod_headers is loaded.
<IfModule mod_headers.c>
    # artists.php must always be fetched fresh: disable caching entirely
    <FilesMatch "artists\.php$">
        Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
        Header set Pragma "no-cache"
        Header set Expires "0"
    </FilesMatch>

    # Stylesheets, scripts, images and audio share one 30-day public lifetime
    # (2592000 seconds)
    <FilesMatch "\.(css|js|jpg|jpeg|png|gif|webp|svg|ico|mp3|wav|ogg|m4a)$">
        Header set Cache-Control "public, max-age=2592000"
    </FilesMatch>

    # Fonts change rarely: one year (31536000 seconds)
    <FilesMatch "\.(ttf|otf|woff|woff2|eot)$">
        Header set Cache-Control "public, max-age=31536000"
    </FilesMatch>
</IfModule>

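# Prevent Access to Sensitive Files
# Each section denies every client. Apache 2.4 uses "Require all denied"
# (mod_authz_core); the Order/Deny form is kept only as a fallback for 2.2,
# because on 2.4 it depends on mod_access_compat and fails the whole request
# with a 500 when that module is not loaded.
# <Files>/<FilesMatch> test the file's base name only, not its directory.

# .htaccess / .htpasswd and any other name containing ".hta"
<Files ~ "^.*\.([Hh][Tt][Aa])">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy all
    </IfModule>
</Files>

# Dependency manifests (reveal package names and versions)
<FilesMatch "^(composer|package)\.json$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to all .md files (security - contains sensitive system information)
<FilesMatch "\.md$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Protect sensitive configuration files
# Matches on the final extension only, so a name such as ".env.local" is not
# covered by this pattern.
<FilesMatch "\.(sql|log|env)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Protect database.env.php specifically
<FilesMatch "^database\.env\.php$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to backup files
<FilesMatch "\.(bak|backup|old|orig|original|tmp)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to test and debug PHP files (security - exposes system internals)
<FilesMatch "^(test|spec|debug|debug_).*\.php$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>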

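# Block access to fix/utility scripts that might expose internals
# Applies to root-level scripts whose names start with fix_, auto_fix,
# migrate_, create_..._table(s) or run_ and end in .php.
# Exception: fix_impersonation.php is allowed (admin-only, verified in PHP code)
# The exemption is anchored at both ends so that only that exact path is let
# through; without the trailing $ any longer name that merely starts with
# "fix_impersonation.php" and ends in .php would be exempted as well.
# NOTE(review): the exempted script is protected only by its own PHP-side
# admin check - confirm that check runs before any other work in the script.
RewriteCond %{REQUEST_URI} !^/fix_impersonation\.php$ [NC]
RewriteRule ^(fix_|auto_fix|migrate_|create_.*_tables?|run_).*\.php$ - [F,L]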

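# Block access to .git* files (for example .gitignore, .gitattributes)
# Apache 2.4 uses "Require all denied"; the Order/Deny form is a 2.2 fallback,
# since on 2.4 it needs mod_access_compat and returns a 500 without it.
# <FilesMatch> tests the file's base name only, so these sections do not
# protect files stored inside a .git or IDE directory (their names are
# ordinary, e.g. "config" or "HEAD"); those directories must be blocked by
# path, as the RewriteRules near the top of this file do.
<FilesMatch "^\.git">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to IDE configuration files
# Unanchored: any file name containing one of these dotted tokens is denied.
<FilesMatch "\.(idea|vscode|sublime|phpstorm)">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Block access to version control files
<FilesMatch "\.(git|svn|hg)">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>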

# Custom Error Pages for Better UX (SEO Factor)
# 403 responses produced by the blocking rules in this file have no custom
# page configured and fall back to the server default.
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php

# Prevent Directory Browsing
# Without this, a directory lacking an index file would list its contents.
Options -Indexes

# Enable Follow Symlinks (if needed)
# mod_rewrite in .htaccess needs FollowSymLinks or SymLinksIfOwnerMatch.
# NOTE(review): the document root is writable by the site user; on shared
# hosting SymLinksIfOwnerMatch is the stricter choice - confirm whether the
# host permits it.
Options +FollowSymlinks

# ETags for Better Caching
# Leaves the inode out of the ETag, so the value does not expose it.
FileETag MTime Size

# Remove Server Signature for Security
# Affects the footer on server-generated pages only; the Server response
# header is governed by ServerTokens in the main server configuration.
ServerSignature Off

# Default character set for text responses (this sets the charset, not a
# language)
AddDefaultCharset UTF-8

# MIME Types for Audio Files (Important for Music Platform)
# Maps file extensions to audio media types. Together with the nosniff header
# set above, browsers will rely on exactly these declared types.
<IfModule mod_mime.c>
    AddType audio/mpeg mp3
    AddType audio/mp4 m4a
    AddType audio/ogg ogg
    AddType audio/wav wav
    # .webm is declared as audio here; a WebM file that contains video would
    # also be served as audio/webm.
    AddType audio/webm webm
</IfModule>

# Accept-Ranges header for audio streaming
# Advertises byte-range support on audio files so players can seek and resume.
# This block sets Accept-Ranges only; it does not set Content-Length.
<IfModule mod_headers.c>
    <FilesMatch "\.(mp3|wav|ogg|m4a)$">
        Header set Accept-Ranges bytes
    </FilesMatch>
</IfModule>

# Redirect sitemap requests to proper sitemaps
# The relative target is resolved against this directory's URL by mod_rewrite.
RewriteRule ^sitemap\.xml$ sitemap-index.xml [L,R=301]

# Allow both .php and clean URLs to work (backwards compatible)
# For a dot-free path that is neither a file nor a directory, serve
# <path>.php when that file exists.
# NOTE(review): the trailing-slash redirect earlier in this file matches the
# same non-file requests first, so this rule may rarely be reached in its
# intended form - verify with a request such as /pricing.
# NOTE(review): this makes every PHP script reachable without its extension;
# access decisions should be keyed on the resolved file, not on the URL shape.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^([^\.]+)$ $1.php [NC,L]
