.htaccess

# Security Rules for UK Data Services

# Protect sensitive files and configs
<FilesMatch "^\.(.*)$|\.log$|\.sql$|\.conf$|config\.php$|\.email-config\.php$|\.htaccess|\.htpasswd|\.ini|\.sh|\.inc|\.bak$">
    Require all denied
</FilesMatch>

# Protect contact handlers from direct browser access (POST only)
<Files "contact-handler.php">
    <LimitExcept POST>
        Require all denied
    </LimitExcept>
</Files>

<Files "quote-handler.php">
    <LimitExcept POST>
        Require all denied
    </LimitExcept>
</Files>

# Security headers
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# Enhanced Gzip compression
<IfModule mod_deflate.c>
    # Enable compression for all text-based files
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
    AddOutputFilterByType DEFLATE application/javascript application/x-javascript
    AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
    AddOutputFilterByType DEFLATE application/json application/ld+json
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE font/ttf font/otf font/eot font/woff font/woff2
    
    # Remove browser bugs for older browsers
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    Header append Vary User-Agent
</IfModule>

# Enable Brotli compression if available
<IfModule mod_brotli.c>
    AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript
    AddOutputFilterByType BROTLI_COMPRESS application/javascript application/x-javascript
    AddOutputFilterByType BROTLI_COMPRESS application/xml application/xhtml+xml application/rss+xml
    AddOutputFilterByType BROTLI_COMPRESS application/json application/ld+json
    AddOutputFilterByType BROTLI_COMPRESS image/svg+xml
    AddOutputFilterByType BROTLI_COMPRESS font/ttf font/otf font/woff font/woff2
</IfModule>

# Browser Caching Headers
<IfModule mod_expires.c>
    ExpiresActive On
    
    # Images - 1 year
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresByType image/ico "access plus 1 year"
    
    # Fonts - 1 year
    ExpiresByType font/ttf "access plus 1 year"
    ExpiresByType font/otf "access plus 1 year"
    ExpiresByType font/woff "access plus 1 year"
    ExpiresByType font/woff2 "access plus 1 year"
    ExpiresByType application/font-woff "access plus 1 year"
    ExpiresByType application/font-woff2 "access plus 1 year"
    
    # CSS and JavaScript - 1 month
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/x-javascript "access plus 1 month"
    
    # HTML and PHP - 1 hour
    ExpiresByType text/html "access plus 1 hour"
    ExpiresByType application/xhtml+xml "access plus 1 hour"
    
    # Data - no cache
    ExpiresByType application/json "access plus 0 seconds"
    ExpiresByType application/xml "access plus 0 seconds"
    ExpiresByType text/xml "access plus 0 seconds"
    
    # Default - 1 week
    ExpiresDefault "access plus 1 week"
</IfModule>

# Cache-Control Headers
<IfModule mod_headers.c>
    # Static assets - 1 year
    <FilesMatch "\.(jpg|jpeg|png|gif|webp|svg|ico|woff|woff2|ttf|otf|eot)$">
        Header set Cache-Control "max-age=31536000, public, immutable"
    </FilesMatch>
    
    # CSS and JS - 1 month
    <FilesMatch "\.(css|js)$">
        Header set Cache-Control "max-age=2592000, public"
    </FilesMatch>
    
    # HTML/PHP - 1 hour
    <FilesMatch "\.(html|php)$">
        Header set Cache-Control "max-age=3600, public, must-revalidate"
    </FilesMatch>
    
    # Keep-alive
    Header set Connection keep-alive
</IfModule>

# HTTP/2 Server Push
<IfModule mod_http2.c>
    # Push critical resources
    <FilesMatch "index\.php">
        Header add Link "</assets/css/main.min.css>; rel=preload; as=style"
        Header add Link "</assets/images/ukds-main-logo.webp>; rel=preload; as=image"
        Header add Link "</assets/js/main.min.js>; rel=preload; as=script"
    </FilesMatch>
</IfModule>

# ETags
FileETag None
Header unset ETag

# Disable directory browsing
Options -Indexes

# Prevent access to logs and database directories
<IfModule mod_rewrite.c>
    RewriteEngine On

    # Skip already processed .php files
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^services/.*\.php$ - [L]

    # Explicitly allow existing service pages (skip redirects)
    RewriteRule ^services/competitive-intelligence/?$ /services/competitive-intelligence.php [L]
    RewriteRule ^services/data-cleaning/?$ /services/data-cleaning.php [L]
    RewriteRule ^services/financial-data-services/?$ /services/financial-data-services.php [L]
    RewriteRule ^services/price-monitoring/?$ /services/price-monitoring.php [L]
    RewriteRule ^services/property-data-extraction/?$ /services/property-data-extraction.php [L]
    RewriteRule ^services/web-scraping/?$ /services/web-scraping.php [L]

    # Redirect /services index to project-types
    RewriteRule ^services/?$ /project-types [R=301,L]

    # Redirect unknown service pages to project-types
    RewriteRule ^services/(.+)$ /project-types [R=301,L]

    # Clean URL rewriting - remove .php extension
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME}.php -f
    RewriteRule ^(.+?)/?$ $1.php [L]
    
    # Security rules
    RewriteRule ^logs(/.*)?$ - [F,L]
    RewriteRule ^database(/.*)?$ - [F,L]
    RewriteRule ^\.git(/.*)?$ - [F,L]
    RewriteRule ^docker(/.*)?$ - [F,L]
</IfModule>

# Disable server signature
ServerSignature Off
Many blog changes 2025-06-08 11:21:30 +01:00			`# Security Rules for UK Data Services`

			`# Protect sensitive files and configs`
			`<FilesMatch "^\.(.*)$\|\.log$\|\.sql$\|\.conf$\|config\.php$\|\.email-config\.php$\|\.htaccess\|\.htpasswd\|\.ini\|\.sh\|\.inc\|\.bak$">`
			`Require all denied`
			`</FilesMatch>`

			`# Protect contact handlers from direct browser access (POST only)`
			`<Files "contact-handler.php">`
			`<LimitExcept POST>`
			`Require all denied`
			`</LimitExcept>`
			`</Files>`

			`<Files "quote-handler.php">`
			`<LimitExcept POST>`
			`Require all denied`
			`</LimitExcept>`
			`</Files>`

			`# Security headers`
			`<IfModule mod_headers.c>`
			`Header always set X-Content-Type-Options "nosniff"`
			`Header always set X-Frame-Options "SAMEORIGIN"`
			`Header always set X-XSS-Protection "1; mode=block"`
			`Header always set Referrer-Policy "strict-origin-when-cross-origin"`
			`</IfModule>`

Backup database and code changes - 2025-06-08 18:36:00 2025-06-08 18:36:00 +00:00			`# Enhanced Gzip compression`
Many blog changes 2025-06-08 11:21:30 +01:00			`<IfModule mod_deflate.c>`
Backup database and code changes - 2025-06-08 18:36:00 2025-06-08 18:36:00 +00:00			`# Enable compression for all text-based files`
			`AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript`
			`AddOutputFilterByType DEFLATE application/javascript application/x-javascript`
			`AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml`
			`AddOutputFilterByType DEFLATE application/json application/ld+json`
			`AddOutputFilterByType DEFLATE image/svg+xml`
			`AddOutputFilterByType DEFLATE font/ttf font/otf font/eot font/woff font/woff2`

			`# Remove browser bugs for older browsers`
			`BrowserMatch ^Mozilla/4 gzip-only-text/html`
			`BrowserMatch ^Mozilla/4\.0[678] no-gzip`
			`BrowserMatch \bMSIE !no-gzip !gzip-only-text/html`
			`Header append Vary User-Agent`
Many blog changes 2025-06-08 11:21:30 +01:00			`</IfModule>`

Backup database and code changes - 2025-06-08 18:36:00 2025-06-08 18:36:00 +00:00			`# Enable Brotli compression if available`
			`<IfModule mod_brotli.c>`
			`AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript`
			`AddOutputFilterByType BROTLI_COMPRESS application/javascript application/x-javascript`
			`AddOutputFilterByType BROTLI_COMPRESS application/xml application/xhtml+xml application/rss+xml`
			`AddOutputFilterByType BROTLI_COMPRESS application/json application/ld+json`
			`AddOutputFilterByType BROTLI_COMPRESS image/svg+xml`
			`AddOutputFilterByType BROTLI_COMPRESS font/ttf font/otf font/woff font/woff2`
			`</IfModule>`

			`# Browser Caching Headers`
			`<IfModule mod_expires.c>`
			`ExpiresActive On`

			`# Images - 1 year`
			`ExpiresByType image/jpeg "access plus 1 year"`
			`ExpiresByType image/jpg "access plus 1 year"`
			`ExpiresByType image/gif "access plus 1 year"`
			`ExpiresByType image/png "access plus 1 year"`
			`ExpiresByType image/webp "access plus 1 year"`
			`ExpiresByType image/svg+xml "access plus 1 year"`
			`ExpiresByType image/x-icon "access plus 1 year"`
			`ExpiresByType image/ico "access plus 1 year"`

			`# Fonts - 1 year`
			`ExpiresByType font/ttf "access plus 1 year"`
			`ExpiresByType font/otf "access plus 1 year"`
			`ExpiresByType font/woff "access plus 1 year"`
			`ExpiresByType font/woff2 "access plus 1 year"`
			`ExpiresByType application/font-woff "access plus 1 year"`
			`ExpiresByType application/font-woff2 "access plus 1 year"`

			`# CSS and JavaScript - 1 month`
			`ExpiresByType text/css "access plus 1 month"`
			`ExpiresByType application/javascript "access plus 1 month"`
			`ExpiresByType text/javascript "access plus 1 month"`
			`ExpiresByType application/x-javascript "access plus 1 month"`

			`# HTML and PHP - 1 hour`
			`ExpiresByType text/html "access plus 1 hour"`
			`ExpiresByType application/xhtml+xml "access plus 1 hour"`

			`# Data - no cache`
			`ExpiresByType application/json "access plus 0 seconds"`
			`ExpiresByType application/xml "access plus 0 seconds"`
			`ExpiresByType text/xml "access plus 0 seconds"`

			`# Default - 1 week`
			`ExpiresDefault "access plus 1 week"`
			`</IfModule>`

			`# Cache-Control Headers`
			`<IfModule mod_headers.c>`
			`# Static assets - 1 year`
			`<FilesMatch "\.(jpg\|jpeg\|png\|gif\|webp\|svg\|ico\|woff\|woff2\|ttf\|otf\|eot)$">`
			`Header set Cache-Control "max-age=31536000, public, immutable"`
			`</FilesMatch>`

			`# CSS and JS - 1 month`
			`<FilesMatch "\.(css\|js)$">`
			`Header set Cache-Control "max-age=2592000, public"`
			`</FilesMatch>`

			`# HTML/PHP - 1 hour`
			`<FilesMatch "\.(html\|php)$">`
			`Header set Cache-Control "max-age=3600, public, must-revalidate"`
			`</FilesMatch>`

			`# Keep-alive`
			`Header set Connection keep-alive`
			`</IfModule>`

			`# HTTP/2 Server Push`
			`<IfModule mod_http2.c>`
			`# Push critical resources`
			`<FilesMatch "index\.php">`
			`Header add Link "</assets/css/main.min.css>; rel=preload; as=style"`
			`Header add Link "</assets/images/ukds-main-logo.webp>; rel=preload; as=image"`
			`Header add Link "</assets/js/main.min.js>; rel=preload; as=script"`
			`</FilesMatch>`
			`</IfModule>`

			`# ETags`
			`FileETag None`
			`Header unset ETag`

Many blog changes 2025-06-08 11:21:30 +01:00			`# Disable directory browsing`
			`Options -Indexes`

			`# Prevent access to logs and database directories`
			`<IfModule mod_rewrite.c>`
			`RewriteEngine On`
Implement marketing audit recommendations across site - Add /services → /project-types 301 redirects in .htaccess - Remove .php extensions from all user-facing links across all pages - Rewrite homepage hero with benefit-focused H1, subtitle, CTAs, and stats - Add trust signals section below hero with badges - Rewrite service cards with benefit-focused copy - Update FAQ schema to match actual page FAQ content (6 questions) - Restructure quote form from 5-step to 3-step wizard with sidebar - Update about page mission statement and CTA copy - Update project-types page title, H1, and add Organization schema - Add trust signals and quote layout CSS styles - Clean sitemap: remove .php extensions, remove blog/search, update dates Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 11:39:22 +00:00
Website improvements: fix service pages, add web-scraping service, trust badges, contact redirect - Fix .htaccess to allow individual service pages instead of redirecting all to project-types - Add /services/web-scraping page with full content, schema markup, and SEO optimization - Add /contact redirect to /quote (301) - Update project-types.php title to remove C# jargon - Add trust badges section to footer (GDPR, ICO, Cyber Essentials, UK Based) - Add Web Scraping to footer services list 2026-02-03 19:34:30 +00:00			`# Skip already processed .php files`
			`RewriteCond %{REQUEST_FILENAME} -f`
			`RewriteRule ^services/.*\.php$ - [L]`

			`# Explicitly allow existing service pages (skip redirects)`
			`RewriteRule ^services/competitive-intelligence/?$ /services/competitive-intelligence.php [L]`
			`RewriteRule ^services/data-cleaning/?$ /services/data-cleaning.php [L]`
			`RewriteRule ^services/financial-data-services/?$ /services/financial-data-services.php [L]`
			`RewriteRule ^services/price-monitoring/?$ /services/price-monitoring.php [L]`
			`RewriteRule ^services/property-data-extraction/?$ /services/property-data-extraction.php [L]`
			`RewriteRule ^services/web-scraping/?$ /services/web-scraping.php [L]`

			`# Redirect /services index to project-types`
			`RewriteRule ^services/?$ /project-types [R=301,L]`

			`# Redirect unknown service pages to project-types`
			`RewriteRule ^services/(.+)$ /project-types [R=301,L]`
Implement marketing audit recommendations across site - Add /services → /project-types 301 redirects in .htaccess - Remove .php extensions from all user-facing links across all pages - Rewrite homepage hero with benefit-focused H1, subtitle, CTAs, and stats - Add trust signals section below hero with badges - Rewrite service cards with benefit-focused copy - Update FAQ schema to match actual page FAQ content (6 questions) - Restructure quote form from 5-step to 3-step wizard with sidebar - Update about page mission statement and CTA copy - Update project-types page title, H1, and add Organization schema - Add trust signals and quote layout CSS styles - Clean sitemap: remove .php extensions, remove blog/search, update dates Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-29 11:39:22 +00:00
Backup database and code changes - 2025-06-08 20:51:14 2025-06-08 20:51:14 +00:00			`# Clean URL rewriting - remove .php extension`
			`RewriteCond %{REQUEST_FILENAME} !-d`
			`RewriteCond %{REQUEST_FILENAME} !-f`
			`RewriteCond %{REQUEST_FILENAME}.php -f`
			`RewriteRule ^(.+?)/?$ $1.php [L]`

			`# Security rules`
Many blog changes 2025-06-08 11:21:30 +01:00			`RewriteRule ^logs(/.*)?$ - [F,L]`
			`RewriteRule ^database(/.*)?$ - [F,L]`
			`RewriteRule ^\.git(/.*)?$ - [F,L]`
			`RewriteRule ^docker(/.*)?$ - [F,L]`
			`</IfModule>`

			`# Disable server signature`
Secure contact form and email configuration - Add email header injection prevention - Implement referer checking for form submissions - Create .htaccess security rules for handlers - Add secure email configuration file - Include UTF-8 database backup - Restrict access to sensitive files 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-06-08 03:42:09 +00:00			`ServerSignature Off`