# 1. SEGURIDAD DE DIRECTORIOS
# Evita que se listen los archivos si no hay un index.php
Options -Indexes

# 2. PROTECCIÓN DE ARCHIVOS CRÍTICOS
# Bloquea acceso a wp-config, el propio htaccess, logs y archivos de config de PHP
<FilesMatch "^(wp-config\.php|\.htaccess|error_log|php\.ini|\.user\.ini)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# 3. BLOQUEO DE EJECUCIÓN DE EXTENSIONES PELIGROSAS
<FilesMatch "\.(py|exe|phtml|php[34567]|suspected)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# 4. REGLAS ESTÁNDAR DE WORDPRESS
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
</IfModule>

# --- INICIO BLOQUES DE HOSTING (NEWFOLD) ---

# BEGIN Newfold Browser Cache
<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresDefault "access plus 24 hours"
	ExpiresByType text/html "access plus 2 hours"
	ExpiresByType image/jpg "access plus 24 hours"
	ExpiresByType image/jpeg "access plus 24 hours"
	ExpiresByType image/gif "access plus 24 hours"
	ExpiresByType image/png "access plus 24 hours"
	ExpiresByType image/webp "access plus 24 hours"
	ExpiresByType text/css "access plus 24 hours"
	ExpiresByType text/javascript "access plus 24 hours"
	ExpiresByType application/pdf "access plus 1 week"
	ExpiresByType image/x-icon "access plus 1 year"
</IfModule>
# END Newfold Browser Cache

# BEGIN Newfold File Cache
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-content/newfold-page-cache/ - [L]
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP_COOKIE} !(wordpress_test_cookie|comment_author|wp\-postpass|wordpress_logged_in|wptouch_switch_toggle|wp_woocommerce_session_) [NC]
RewriteCond %{HTTP:Cache-Control} ^((?!no-cache).)*$
RewriteCond %{DOCUMENT_ROOT}/wp-content/newfold-page-cache/$1/_index.html -f
RewriteRule ^(.*)$ /wp-content/newfold-page-cache/$1/_index.html [L]
</IfModule>
# END Newfold File Cache

# BEGIN Newfold Skip 404 Handling for Static Files
<IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_URI} !(robots\.txt|ads\.txt|[a-z0-9_\-]*sitemap[a-z0-9_\.\-]*\.(xml|xsl|html)(\.gz)?)
	RewriteCond %{REQUEST_URI} \.(css|htc|less|js|js2|js3|js4|html|htm|rtf|rtx|txt|xsd|xsl|xml|asf|asx|wax|wmv|wmx|avi|avif|avifs|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|webm|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip)$ [NC]
	RewriteRule .* - [L]
</IfModule>
# END Newfold Skip 404 Handling for Static Files

# --- FIN BLOQUES DE HOSTING ---