Add optional URL rewrite config (.htaccess dan nginx.conf.example)

2025-12-18 11:36:30 +07:00
parent d130cde84d
commit 12c0c84b20
2 changed files with 133 additions and 0 deletions
--- a/.htaccess
+++ b/.htaccess
@@ -0,0 +1,61 @@
+# Apache URL Rewrite untuk Retribusi Frontend
+# Opsional: Hanya diperlukan jika ingin clean URLs atau SPA routing
+
+# Enable rewrite engine
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteBase /
+
+    # Redirect trailing slash (optional)
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteRule ^(.*)/$ /$1 [R=301,L]
+
+    # Jika ingin clean URLs (tanpa .html), uncomment di bawah:
+    # RewriteCond %{REQUEST_FILENAME} !-f
+    # RewriteCond %{REQUEST_FILENAME} !-d
+    # RewriteRule ^dashboard$ public/dashboard/dashboard.html [L]
+    # RewriteRule ^event$ public/dashboard/event.html [L]
+    # RewriteRule ^settings$ public/dashboard/settings.html [L]
+
+    # Fallback untuk SPA (jika diperlukan di masa depan)
+    # RewriteCond %{REQUEST_FILENAME} !-f
+    # RewriteCond %{REQUEST_FILENAME} !-d
+    # RewriteRule ^(.*)$ index.php [QSA,L]
+</IfModule>
+
+# Security headers
+<IfModule mod_headers.c>
+    # Prevent clickjacking
+    Header set X-Frame-Options "SAMEORIGIN"
+    
+    # XSS Protection
+    Header set X-XSS-Protection "1; mode=block"
+    
+    # Content Type Options
+    Header set X-Content-Type-Options "nosniff"
+</IfModule>
+
+# CORS untuk development (jika diperlukan)
+# <IfModule mod_headers.c>
+#     Header set Access-Control-Allow-Origin "*"
+#     Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
+#     Header set Access-Control-Allow-Headers "Content-Type, Authorization, X-API-KEY"
+# </IfModule>
+
+# Cache static assets
+<IfModule mod_expires.c>
+    ExpiresActive On
+    ExpiresByType text/css "access plus 1 year"
+    ExpiresByType application/javascript "access plus 1 year"
+    ExpiresByType image/png "access plus 1 year"
+    ExpiresByType image/jpg "access plus 1 year"
+    ExpiresByType image/jpeg "access plus 1 year"
+    ExpiresByType image/gif "access plus 1 year"
+    ExpiresByType image/svg+xml "access plus 1 year"
+</IfModule>
+
+# Gzip compression
+<IfModule mod_deflate.c>
+    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
+</IfModule>
+
--- a/nginx.conf.example
+++ b/nginx.conf.example
@@ -0,0 +1,72 @@
+# Nginx configuration untuk Retribusi Frontend
+# Copy ke /etc/nginx/sites-available/retribusi atau include di nginx.conf
+
+server {
+    listen 80;
+    server_name retribusi.btekno.cloud;
+    
+    # Redirect HTTP ke HTTPS (jika ada SSL)
+    # return 301 https://$server_name$request_uri;
+
+    root /www/wwwroot/retribusi.btekno.cloud/retribusi;
+    index index.php index.html;
+
+    # Logging
+    access_log /var/log/nginx/retribusi_access.log;
+    error_log /var/log/nginx/retribusi_error.log;
+
+    # Security headers
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header X-Content-Type-Options "nosniff" always;
+
+    # Static files
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+
+    # Clean URLs (opsional - uncomment jika diperlukan)
+    # location /dashboard {
+    #     try_files $uri $uri/ /public/dashboard/dashboard.html;
+    # }
+    # location /event {
+    #     try_files $uri $uri/ /public/dashboard/event.html;
+    # }
+    # location /settings {
+    #     try_files $uri $uri/ /public/dashboard/settings.html;
+    # }
+
+    # PHP files
+    location ~ \.php$ {
+        fastcgi_pass unix:/var/run/php/php8.2-fpm.sock; # Sesuaikan versi PHP
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    # Default location
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    # Deny access to hidden files
+    location ~ /\. {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+}
+
+# HTTPS configuration (jika ada SSL)
+# server {
+#     listen 443 ssl http2;
+#     server_name retribusi.btekno.cloud;
+#     
+#     ssl_certificate /path/to/cert.pem;
+#     ssl_certificate_key /path/to/key.pem;
+#     
+#     # ... (sama seperti konfigurasi di atas)
+# }
+