RewriteEngine On
RewriteBase /

# Maintenance Mode
# RewriteCond %{REQUEST_URI} !^/admin [NC]
# RewriteCond %{REQUEST_URI} !\.(css|js|png|jpg|gif|ico|svg|webp)$ [NC]
# RewriteRule ^(.*)$ maintenance.php [R=302,L]

# Force HTTPS
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

# SEO Friendly URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/?$ index.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/servicios/([a-z-]+)/?$ pages/servicios/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/empresa/([a-z-]+)/?$ pages/empresa/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/mayoristas/([a-z-]+)/?$ pages/mayoristas/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/datacenter/([a-z-]+)/?$ pages/datacenter/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/seguridad/([a-z-]+)/?$ pages/seguridad/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/blog/([a-z-]+)/?$ pages/blog/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z]{2})/([a-z-]+)/?$ pages/$2.php?lang=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-z-]+)/?$ pages/$1.php [L,QSA]

# Security Headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# Cache Control
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
</IfModule>

# Compress
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript application/json image/svg+xml
</IfModule>

# Block bad bots
RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|curl|java|urllib) [NC]
RewriteRule .* - [F,L]

# Protect files
<FilesMatch "\.(env|sql|md|log|json|lock)$">
    Require all denied
</FilesMatch>

# Directory protection
Options -Indexes
