RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

# Remove multiple slashes from the URL
RewriteCond %{THE_REQUEST} \s//+
RewriteRule .* / [R=301,L]

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.metalstamping-dies.com/$1 [R,L]

# Remove trailing slash for generic URLs
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+?)/$ /$1 [R=301,L]

#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{REQUEST_FILENAME}\.php -f
#RewriteRule ^(.*)$ $1.php


RewriteRule ^sitemap-service\.xml/?$ sitemap-service.php
RewriteRule ^sitemap-state\.xml/?$ sitemap-state.php
RewriteRule ^sitemap-city1\.xml/?$ sitemap-city1.php
RewriteRule ^sitemap-city2\.xml/?$ sitemap-city2.php
RewriteRule ^sitemap-city3\.xml/?$ sitemap-city3.php
RewriteRule ^sitemap-blog\.xml/?$ sitemap-blog.php

RewriteRule ^([a-zA-Z0-9_-]+)$ docustom-tsr.php?docustom-tsr=$1
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)$ docustom-state.php?docustom-tsr=$1&docustom-state=$2
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/(?:\ Ballot169)?
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)$ docustom-county.php?docustom-tsr=$1&docustom-state=$2&docustom-county=




# --- Prevent Image Hotlinking ---
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?metalstamping-dies\.com [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !bing\. [NC]
RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
RewriteRule \.(jpe?g|png|gif|webp)$ https://www.metalstamping-dies.com/nohotlink.png [R,NC,L]

# --- Block Bad Bots (allow Ahrefs & Screaming Frog) ---
RewriteEngine On

# Skip for AhrefsBot and Screaming Frog explicitly
RewriteCond %{HTTP_USER_AGENT} "AhrefsBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Screaming Frog SEO Spider" [NC]
RewriteRule .* - [L]

# Block known bad bots (simplified regex - no parentheses)
RewriteCond %{HTTP_USER_AGENT} "MJ12bot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "DotBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Applebot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "GPTBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "SemrushBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "PetalBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Amazonbot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "BLEXBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "DataForSeoBot" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "python" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "curl" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "wget" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "java" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "httpclient" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "libwww" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "lwp" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "snoopy" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "HTTrack" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "clshttp" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "loader" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "facebookexternalhit" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "ia_archiver" [NC]
RewriteRule .* - [R=403,L]

# --- Block Empty User Agents (Safe Version) ---
RewriteCond %{HTTP_USER_AGENT} ^$ 
RewriteRule .* - [R=403,L]

# --- Protect Sensitive Files (LiteSpeed Safe Syntax) ---
<FilesMatch "(\.htaccess|config\.php|composer\.json|composer\.lock|error_log)$">
  Require all denied
</FilesMatch>

# Enable Compression
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE font/woff2
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
</IfModule>

<IfModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>

# Leverage Browser Caching
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/jpg "access 1 year"
  ExpiresByType image/jpeg "access 1 year"
  ExpiresByType image/gif "access 1 year"
   ExpiresByType image/webp "access 1 year"
  ExpiresByType image/png "access 1 year"
  ExpiresByType text/css "access 1 month"
  ExpiresByType text/html "access 1 month"
  ExpiresByType application/pdf "access 1 month"
  ExpiresByType text/x-javascript "access 1 month"
  ExpiresByType application/x-shockwave-flash "access 1 month"
  ExpiresByType image/x-icon "access 1 year"
  ExpiresDefault "access 1 month"
</IfModule>

<FilesMatch "\.(xml|txt|css|js)$">
Header set Cache-Control "max-age=172800, proxy-revalidate"
</FilesMatch>

<IfModule mod_headers.c>
  <filesmatch "\.(ico|flv|jpg|jpeg|webp|png|gif|css|swf)$">
  Header set Cache-Control "max-age=2678400, public"
  </filesmatch>
  <filesmatch "\.(html|htm)$">
  Header set Cache-Control "max-age=7200, private, must-revalidate"
  </filesmatch>
  <filesmatch "\.(pdf)$">
  Header set Cache-Control "max-age=86400, public"
  </filesmatch>
  <filesmatch "\.(js)$">
  Header set Cache-Control "max-age=2678400, private"
  </filesmatch>
</IfModule>

#ErrorDocument 404 https://%{HTTP_HOST}
ErrorDocument 404 /404page.php

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 92.33.219.9
deny from 148.72.247.192
deny from 200.142.98.125
deny from 122.162.147.42
deny from 47.76.209.138
deny from 47.76.99.127
deny from 41.84.232.10
deny from 149.50.218.66
deny from 54.247.209.247
deny from 94.74.82.84
deny from 124.243.147.143
deny from 159.138.121.61
deny from 190.92.213.201
deny from 114.119.175.185
deny from 159.138.86.210
deny from 159.138.98.180
deny from 41.84.232.145
deny from 101.44.162.45
deny from 122.162.145.254
deny from 122.162.150.81
deny from 110.238.109.93
deny from 190.92.204.0
deny from 31.10.57.8
deny from 122.162.145.172
deny from 122.162.151.238
deny from 173.249.27.178
deny from 80.85.246.214
deny from 45.176.243.96
deny from 83.99.151.68
deny from 103.145.255.18
deny from 83.99.151.66
deny from 83.99.151.69
deny from 185.220.100.255
deny from 38.242.140.230
deny from 83.99.151.70
deny from 83.99.151.64
deny from 54.233.109.199
deny from 52.187.212.62
deny from 38.240.43.158
deny from 84.165.68.162
deny from 124.243.151.51
deny from 124.243.137.11
deny from 94.74.90.73
deny from 110.238.105.46
deny from 111.119.219.61
deny from 84.52.5.37
deny from 166.108.231.170
deny from 166.108.201.206
deny from 47.236.134.202
deny from 80.85.245.145
deny from 185.245.104.75
deny from 212.34.132.22
deny from 195.2.81.171
deny from 212.118.43.65
deny from 91.84.109.110
deny from 91.201.115.242
deny from 77.238.230.6
deny from 91.84.110.151
deny from 178.20.47.92
deny from 94.103.93.19
deny from 80.85.246.144
deny from 195.200.26.27
deny from 185.157.214.24
deny from 94.103.88.24
deny from 192.250.229.81
deny from 212.34.146.152
deny from 195.2.81.242
deny from 185.21.13.119
deny from 77.238.225.146
deny from 80.85.246.74
deny from 89.110.115.121
deny from 80.85.246.217
deny from 212.34.141.109
deny from 80.85.245.250
deny from 212.34.154.131
deny from 80.85.245.5
deny from 88.210.11.43
deny from 80.85.247.161
deny from 212.34.140.200
deny from 212.34.135.52
deny from 185.21.14.193
deny from 88.210.10.79
deny from 80.85.246.71
deny from 195.26.225.209

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php82” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php82 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
