Options +FollowSymLinks -MultiViews -Indexes
# secure htaccess file
<Files .htaccess>
 order allow,deny
 deny from all
</Files>
<Files ~ "header\.php$">  
order allow,deny
deny from all
</Files>
<Files ~ "footer\.php$">  
order allow,deny
deny from all
</Files>

<IfModule mod_rewrite.c>
RewriteEngine On

# # Redirect non-www to www and force HTTPS
# RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

# # Ensure HTTPS and www are both applied (handles cases without www or HTTPS)
# RewriteCond %{HTTP_HOST} ^akinik\.com [NC]
# RewriteRule ^(.*)$ https://www.akinik.com/$1 [R=301,L]

# Force www and HTTPS
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^akinik\.com$ [NC]
RewriteRule ^ https://www.akinik.com%{REQUEST_URI} [L,R=301]

# Ensure the trailing slash on /payment
RewriteCond %{REQUEST_URI} ^/payment$ [NC]
RewriteRule ^payment$ /payment/ [L,R=301]

RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php[\s?] [NC]
RewriteRule ^ %1 [R=301,L]

RewriteRule ^index\.html$ / [NC,R,L]
RewriteRule ^index\.php$ / [NC,R,L]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^books/([a-z-]+)$ books.php?option1=$1 [L,QSA]
RewriteRule ^journals/([a-z-]+)$ journals.php?option1=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^products/([0-9]+)/([^/]+)$ products.php?option1=$1&option2=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^account/updateprofile$ account.php [L,QSA]
RewriteRule ^account/changepassword$ account.php [L,QSA]
RewriteRule ^account/myorders$ account.php [L,QSA]
RewriteRule ^account/myorders/([A-Z0-9]+)/([0-9]+)$ account.php?ordernumber=$1&customerid=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^logout/([a-zA-Z0-9]+)$ logout.php?fingerprint=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^txn/([A-Z0-9]+)/([A-Z0-9]+)/success$ txn.php?txnid=$1&secretkey=$2 [L,QSA]
RewriteRule ^txn/([A-Z0-9]+)/([A-Z0-9]+)/failed$ txn.php?txnid=$1&secretkey=$2 [L,QSA]

RewriteRule ^ord/([A-Z0-9]+)/([A-Z0-9]+)/success$ ord.php?ordernumber=$1&secretkey=$2 [L,QSA]
RewriteRule ^ord/([A-Z0-9]+)/([A-Z0-9]+)/failed$ ord.php?ordernumber=$1&secretkey=$2 [L,QSA]

# OLD RULES
# RewriteRule ^order_response/([A-Z0-9]+)/([A-Z0-9]+)/success$ order_response.php?ordernumber=$1&secretkey=$2 [L,QSA]
# RewriteRule ^order_response/([A-Z0-9]+)/([A-Z0-9]+)/failed$ order_response.php?ordernumber=$1&secretkey=$2 [L,QSA]

# NEW RULES
RewriteRule ^order_response/([A-Z0-9]+)/([A-Z0-9]+)/(success|failed)$ order_response.php?ordernumber=$1&secretkey=$2&status=$3 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^publishbookchapter/([^/]+)$ publishbookchapter.php?option1=$1 [L,QSA]
RewriteRule ^publishbookchapter/([^/]+)/more-topics$ publishbookchapter.php?option1=$1&option2=more-topics [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^mailverify/([a-zA-Z0-9]+)/([a-z]+)$ mailverify.php?logintoken=$1&status=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^authordetails/([0-9]+)/([A-Z0-9]+)$ authordetails.php?id=$1&token=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^purlshortner/([0-9]+)$ purlshortner.php?id=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^productreviews/([0-9]+)/([A-Za-z0-9]+)$ productreviews.php?id=$1&token=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^editedbookreviews/([0-9]+)/([A-Za-z0-9]+)$ editedbookreviews.php?id=$1&token=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^submit_description/([0-9]+)/([A-Za-z0-9]+)$ submit_description.php?id=$1&token=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^checkout/login$ checkout.php?tab=login [L,QSA]
RewriteRule ^checkout/guest$ checkout.php?tab=guest [L,QSA]
RewriteRule ^checkout/deliveryaddress$ checkout.php?tab=deliveryaddress [L,QSA]
RewriteRule ^checkout/review$ checkout.php?tab=review [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^activatedoi/cd67a33ba7e42361bdb962515c7513f6$ activatedoi.php [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^activatebookdoi/cd67a33ba7e42361bdb962515c7513f6$ activatebookdoi.php [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^txn_response/success/([A-Z0-9]+)/([A-Z0-9]+)$ payment/response.php?status=success&txnid=$1&token=$2 [L,QSA]
RewriteRule ^txn_response/failed/([A-Z0-9]+)/([A-Z0-9]+)$ payment/response.php?status=failed&txnid=$1&token=$2 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^paymentredirector/([A-Z0-9]+)/([A-Z0-9]+)/payumoney$ paymentredirector.php?txnid=$1&token=$2&gateway=payumoney [L,QSA]
RewriteRule ^paymentredirector/([A-Z0-9]+)/([A-Z0-9]+)/paypal$ paymentredirector.php?txnid=$1&token=$2&gateway=paypal [L,QSA]
RewriteRule ^paymentredirector/([A-Z0-9]+)/([A-Z0-9]+)/twocheckout$ paymentredirector.php?txnid=$1&token=$2&gateway=twocheckout [L,QSA]
RewriteRule ^paymentredirector/([A-Z0-9]+)/([A-Z0-9]+)/icici$ paymentredirector.php?txnid=$1&token=$2&gateway=icici [L,QSA]
RewriteRule ^paymentcallback/([A-Z0-9]+)/([A-Z0-9]+)/success$ paymentcallback.php?txnid=$1&token=$2&status=success [L,QSA]
RewriteRule ^paymentcallback/([A-Z0-9]+)/([A-Z0-9]+)/failed$ paymentcallback.php?txnid=$1&token=$2&status=failed [L,QSA]

RewriteRule ^phoneperedirector/([A-Z0-9]+)/([A-Z0-9]+)$ phoneperedirector.php?txnid=$1&token=$2 [L,QSA]

RewriteRule ^subscription-enquiry/([a-zA-Z0-9-]+)$ subscription-enquiry.php?pagename=$1 [L,QSA]

RewriteRule ^ayurveda-journals-publication-enquiry$ https://wa.me/919711224068?text=I+want+to+publish+my+article+in+ayurveda+journals. [R=301,L]

# New Payment Redirector
# match payment/init/{txnid}/{token}
RewriteRule ^pay/init/([A-Z0-9]+)/([A-Z0-9]+)$ payment_init.php?txnid=$1&token=$2 [L,QSA,NC]

# Rewrite /blogs/slug → blogs.php?slug=slug
RewriteRule ^blogs/([A-Za-z0-9-]+)$ blogs.php?slug=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]

RewriteRule ^sitemap\.xml/?$ sitemap.php

Redirect /about.html /about
Redirect /career.html /career
Redirect /contact.html /contact
Redirect /print.html /print
Redirect /services.html /services
Redirect /journalsubscription /journal-subscription
Redirect /publishyourownbook /book-publication
Redirect /chemical-engineering-journal-subscription /chemical-engineering-subscription
Redirect /subscriptionform.pdf /SubscriptionForm.pdf
Redirect /JournalsList.pdf* /JournalsList.pdf
Redirect /2checkout /icici-payment

Redirect /biaya-berlangganan-scopus /scopus-subscription-cost
</IfModule>

AddDefaultCharset utf-8

FileETag MTime Size

<IfModule mod_headers.c>
# Set XSS Protection header
Header set X-XSS-Protection "1; mode=block"
</IfModule>

## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"
</IfModule>
## EXPIRES CACHING ##

<IfModule mod_expires.c>
ExpiresActive On
<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|js|css|gif|jpg|jpeg|png|swf)$">
ExpiresDefault A29030400
</FilesMatch>
</IfModule>

<ifModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>

<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml

  # Remove browser bugs (only needed for really old browsers)
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  Header append Vary User-Agent
</IfModule>

# ============================================================
# ✅ Enforce HTTPS + HSTS (preload-ready)
# ============================================================

<IfModule mod_rewrite.c>
  RewriteEngine On

  # Redirect all HTTP requests to HTTPS
  RewriteCond %{HTTPS} !=on
  RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

<IfModule mod_headers.c>
  # Add HSTS Header (Strict-Transport-Security)
  # 1 year = 31536000 seconds
  # includeSubDomains & preload = required for preload list
  Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

  # Optional: extra security headers
  Header set X-Content-Type-Options "nosniff"
  Header always append X-Frame-Options SAMEORIGIN
  Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# ============================================================
# End of HTTPS + HSTS section
# ============================================================