
#! BEGIN IRISMVC SETTINGS

#! Not all hosts allow this.
#	Options +FollowSymLinks

#@@ Set the default file
##===============================================
	DirectoryIndex index.php

#@@ SET DEFAULT CHARSET TO UTF-8
##===============================================
	AddDefaultCharset utf-8

#@@ Prevent .htaccess and .htpasswd files from
#@@ being accessed from outside app scope
##================================================
<Files "^\.ht">
	Order allow,deny
	Deny from all
</Files>

#@@ Protect files from being accessed from
#@@ outside app scope
##===============================================
<Files ~ "^(.*)\.(inc|inc\.php|tpl|tpl\.php|sql|ini)$">
  Order deny,allow
  Deny from all
</Files>


<IfModule mod_rewrite.c>

	RewriteEngine on

## FILTER REQUEST
##==========================================
## [ http://bodvoc.com/index.php?option=com_content&view=article&id=43:improving-your-joomla-htaccess-file&catid=2:joomla-security&Itemid=3
## UNCOMMENT ONLY IF YOU REALLY NEED THIS
##==========================================
# RewriteCond %{REQUEST_METHOD}  ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
# RewriteCond %{HTTP_REFERER}    ^(.*)(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
# RewriteCond %{HTTP_COOKIE}     ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
# RewriteCond %{REQUEST_URI}     ^/(,|;|:|<|>|">|"<|/|\\\.\.\\).{0,9999}.* [NC,OR]
# RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
# RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
# RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|HTTrack|clshttp|loader|email|harvest|extract|grab|miner).* [NC,OR]
# RewriteCond %{HTTP_USER_AGENT} ^.*(libwww-perl|curl|wget|python|nikto|scan).* [NC,OR]
# RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC,OR]
# RewriteCond %{QUERY_STRING}    ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR]
# RewriteCond %{QUERY_STRING}    ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
# RewriteCond %{QUERY_STRING}    ^.*\.[A-Za-z0-9].* [NC,OR]
# RewriteCond %{QUERY_STRING}    ^.*(<|>|'|%0A|%0D|%27|%3C|%3E|%00).* [NC]
# RewriteRule ^(.*)$ index.php/$1 [NC,L]
# ^^ or define an error page that will display a custom error message


    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php/$1 [QSA,L]


</IfModule>
#! END IRISMVC SETTINGS
