<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ /index.php/$1 [L,QSA]

RewriteCond %{HTTPS} off
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_URI} !\.(?:css|js|jpeg|JPG|JPEG|ico|png|svg|ttf|woff|eot|webp)$ [NC]
RewriteRule ^assets/ - [L,F]

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php72” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php56___lsphp .php .php5 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
<FilesMatch ".(?:css|js|jpeg|JPG|JPEG|ico|png|svg|ttf|woff|eot|webp)">
    Header set Access-Control-Allow-Origin "*"
</FilesMatch>

Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS
Header set X-XSS-Protection "1; mode=block"
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';"


</IfModule>
