RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]

Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS

# Security Headers
<IfModule mod_headers.c>
	#Header set X-XSS-Protection "1; mode=block"
	#Header set X-Frame-Options "SAMEORIGIN"
	#Header set X-Content-Type-Options "nosniff"
 	# Header set Content-Security-Policy ...
	#Header set Content-Security-Policy " default-src https:; script-src images1.smtickets.com cdn.smdatalabs.com static.queue-it.net assets.queue-it.net smtickets.queue-it.net www.google-analytics.com cdn.jsdelivr.net 'self' 'unsafe-inline';style-src 'self' images1.smtickets.com fonts.googleapis.com 'unsafe-inline'; child-src 'none';  object-src 'none'"
	#Header set Content-Security-Policy: "default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'"

 </IfModule>

<Files ~ "^.*\.([Hh][Tt][Aa])">
 order allow,deny
 deny from all
 satisfy all
</Files>