crm.clientright.ru/erv_ticket/.htaccess

# ============================================
# ERV TICKET - .htaccess
# ============================================

# Защита .env файла
<Files ".env">
    Require all denied
    Order deny,allow
    Deny from all
</Files>

# Защита config.php (необязательно, но для безопасности)
<Files "config.php">
    Require all denied
    Order deny,allow
    Deny from all
</Files>

# Принудительный HTTPS (раскомментировать при наличии SSL)
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Защита от просмотра директорий
Options -Indexes

# Безопасные заголовки
<IfModule mod_headers.c>
    # XSS Protection
    Header set X-XSS-Protection "1; mode=block"
    
    # Prevent MIME sniffing
    Header set X-Content-Type-Options "nosniff"
    
    # Clickjacking protection
    Header set X-Frame-Options "SAMEORIGIN"
    
    # Referrer Policy
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
🚀 CRM Files Migration & Real-time Features ✨ Features: - Migrated ALL files to new S3 structure (Projects, Contacts, Accounts, HelpDesk, Invoice, etc.) - Added Nextcloud folder buttons to ALL modules - Fixed Nextcloud editor integration - WebSocket server for real-time updates - Redis Pub/Sub integration - File path manager for organized storage - Redis caching for performance (Functions.php) 📁 New Structure: Documents/Project/ProjectName_ID/file_docID.ext Documents/Contacts/FirstName_LastName_ID/file_docID.ext Documents/Accounts/AccountName_ID/file_docID.ext 🔧 Technical: - FilePathManager for standardized paths - S3StorageService integration - WebSocket server (Node.js + Docker) - Redis cache for getBasicModuleInfo() - Predis library for Redis connectivity 📝 Scripts: - Migration scripts for all modules - Test pages for WebSocket/SSE/Polling - Documentation (MIGRATION_.md, REDIS_.md) 🎯 Result: 15,000+ files migrated successfully! 2025-10-24 19:59:28 +03:00			`# ============================================`
			`# ERV TICKET - .htaccess`
			`# ============================================`

			`# Защита .env файла`
			`<Files ".env">`
			`Require all denied`
			`Order deny,allow`
			`Deny from all`
			`</Files>`

			`# Защита config.php (необязательно, но для безопасности)`
			`<Files "config.php">`
			`Require all denied`
			`Order deny,allow`
			`Deny from all`
			`</Files>`

			`# Принудительный HTTPS (раскомментировать при наличии SSL)`
			`# RewriteEngine On`
			`# RewriteCond %{HTTPS} off`
			`# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]`

			`# Защита от просмотра директорий`
			`Options -Indexes`

			`# Безопасные заголовки`
			`<IfModule mod_headers.c>`
			`# XSS Protection`
			`Header set X-XSS-Protection "1; mode=block"`

			`# Prevent MIME sniffing`
			`Header set X-Content-Type-Options "nosniff"`

			`# Clickjacking protection`
			`Header set X-Frame-Options "SAMEORIGIN"`

			`# Referrer Policy`
			`Header set Referrer-Policy "strict-origin-when-cross-origin"`
			`</IfModule>`