# 📄 .htaccess File - Important Information

## ✅ Kya hai .htaccess?

`.htaccess` file Apache web server ke liye configuration file hai jo aapke website ke behavior ko control karti hai.

## 🔴 Kya .htaccess Zaroori Hai?

**Haan, live server ke liye .htaccess file BOHOT IMPORTANT hai kyunki:**

### 1. **CORS Headers** (ChatGPT ke liye zaroori)
- ChatGPT aur other AI assistants ko API access dene ke liye
- Cross-origin requests allow karne ke liye
- PHP files mein headers already hain, lekin .htaccess se extra security

### 2. **Security Headers**
- XSS protection
- Clickjacking prevention
- MIME type sniffing prevention
- Server signature hide karna

### 3. **HTTPS Redirect**
- HTTP se HTTPS par automatically redirect
- Security ke liye important

### 4. **PHP Settings**
- Timeout increase (API calls ke liye)
- Memory limit optimize
- Performance improvement

### 5. **File Protection**
- Sensitive files ko protect karna (config.php, etc.)
- Directory browsing disable

## 📋 .htaccess File Ka Kaam

Yeh file mein kya kya hai:

✅ **CORS Configuration** - ChatGPT ke liye
✅ **Security Headers** - XSS, clickjacking protection
✅ **HTTPS Redirect** - Security
✅ **PHP Settings** - Timeout, memory
✅ **File Protection** - Sensitive files hide
✅ **Gzip Compression** - Performance
✅ **Error Handling** - Better error management

## 🚀 Kaise Use Karein?

### Apache Server (Most Common)

1. **File Upload Karein:**
   - `.htaccess` file ko server par upload karein
   - Same folder mein jahan `api.php` hai

2. **Permissions:**
   ```bash
   chmod 644 .htaccess
   ```

3. **Test Karein:**
   - Browser mein: `https://mcp.illumemedia.app/api.php?action=test`
   - CORS headers check karein (Browser DevTools > Network)

### Nginx Server

Agar aap Nginx use kar rahe hain:
- `.htaccess` file kaam nahi karegi
- `nginx.conf` file use karein (already ready hai project mein)

## ⚠️ Important Notes

1. **File Name:**
   - Exact name: `.htaccess` (dot se start)
   - No extension
   - Hidden file (Linux/Mac mein)

2. **Permissions:**
   - Must be readable: `644`
   - Server ko access chahiye

3. **Location:**
   - Root directory mein (jahan `api.php` hai)
   - Ya specific folder mein (subfolder ke liye)

4. **Testing:**
   - Upload ke baad test karein
   - Agar error aaye to check karein:
     - File permissions
     - Apache mod_rewrite enabled hai ya nahi
     - Syntax errors

## 🔍 Common Issues

### Issue: .htaccess kaam nahi kar rahi

**Solutions:**
1. Check file name: `.htaccess` (exact)
2. Check permissions: `644`
3. Check Apache mod_rewrite enabled:
   ```bash
   sudo a2enmod rewrite
   sudo systemctl restart apache2
   ```
4. Check Apache config:
   ```apache
   AllowOverride All
   ```

### Issue: CORS errors

**Solution:**
- `.htaccess` file mein CORS headers check karein
- Browser DevTools mein headers verify karein

### Issue: HTTPS redirect loop

**Solution:**
- `.htaccess` mein HTTPS redirect check karein
- SSL certificate properly installed hai ya nahi

## 📝 Customization

Agar aap customize karna chahte hain:

1. **Timeout Increase:**
   ```apache
   php_value max_execution_time 120
   ```

2. **Memory Increase:**
   ```apache
   php_value memory_limit 512M
   ```

3. **Additional Security:**
   ```apache
   # IP whitelist (optional)
   Order Deny,Allow
   Deny from all
   Allow from 192.168.1.0/24
   ```

## ✅ Checklist

- [ ] `.htaccess` file uploaded
- [ ] Permissions set: `644`
- [ ] Apache mod_rewrite enabled
- [ ] HTTPS redirect working
- [ ] CORS headers working (check in browser)
- [ ] Security headers working
- [ ] No errors in Apache logs

## 🔗 Related Files

- `nginx.conf` - Nginx users ke liye
- `api.php` - Main API file
- `mcp.php` - MCP endpoint

---

**Remember:** `.htaccess` file live server ke liye **ZAROORI** hai! 🚀

