raphiz/passwordcards/master/.htaccess
# Redirect to HTTPS RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # HSTS Header - only when using https Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS # Only allow access to /index.php and /resources directory RewriteEngine on RewriteCond %{REQUEST_URI} !^/index.php$|resources/ RewriteRule ^(.*)$ / [L,R=301]