# Leverage Browser Caching by SG-Optimizer
<IfModule mod_expires.c>
    ExpiresActive on
    # CSS
    ExpiresByType text/css                              "access plus 1 year"
    # JavaScript
    ExpiresByType application/javascript                "access plus 1 year"
    ExpiresByType application/x-javascript              "access plus 1 year"
    # Manifest files
    ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
    ExpiresByType text/cache-manifest                   "access plus 0 seconds"
    # Media
    ExpiresByType audio/ogg                             "access plus 1 year"
    ExpiresByType image/gif                             "access plus 1 year"
    ExpiresByType image/jpg                             "access plus 1 year"
    ExpiresByType image/jpeg                            "access plus 1 year"
    ExpiresByType image/png                             "access plus 1 year"
    ExpiresByType image/svg                             "access plus 1 year"
    ExpiresByType image/svg+xml                         "access plus 1 year"
    ExpiresByType video/mp4                             "access plus 1 year"
    ExpiresByType video/ogg                             "access plus 1 year"
    ExpiresByType video/webm                            "access plus 1 year"
    ExpiresByType image/x-icon                          "access plus 1 year"
    ExpiresByType application/pdf                       "access plus 1 year"
    ExpiresByType application/x-shockwave-flash         "access plus 1 year"
    # XML
    ExpiresByType text/xml                              "access plus 0 seconds"
    ExpiresByType application/xml                       "access plus 0 seconds"
    # Web feeds
    ExpiresByType application/atom+xml                  "access plus 1 hour"
    ExpiresByType application/rss+xml                   "access plus 1 hour"
    # Web fonts
    ExpiresByType application/font-woff                 "access plus 1 year"
    ExpiresByType application/font-woff2                "access plus 1 year"
    ExpiresByType application/vnd.ms-fontobject         "access plus 1 year"
    ExpiresByType application/x-font-ttf                "access plus 1 year"
    ExpiresByType font/opentype                         "access plus 1 year"
</IfModule>
# END LBC

# GZIP enabled by SG-Optimizer
<IfModule mod_deflate.c>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE "application/atom+xml" \
            "application/javascript" \
            "application/json" \
            "application/ld+json" \
            "application/manifest+json" \
            "application/rdf+xml" \
            "application/rss+xml" \
            "application/schema+json" \
            "application/vnd.geo+json" \
            "application/vnd.ms-fontobject" \
            "application/x-font-ttf" \
            "application/x-javascript" \
            "application/x-web-app-manifest+json" \
            "application/xhtml+xml" \
            "application/xml" \
            "font/eot" \
            "font/opentype" \
            "image/bmp" \
            "image/svg+xml" \
            "image/vnd.microsoft.icon" \
            "image/x-icon" \
            "text/cache-manifest" \
            "text/css" \
            "text/html" \
            "text/javascript" \
            "text/plain" \
            "text/vcard" \
            "text/vnd.rim.location.xloc" \
            "text/vtt" \
            "text/x-component" \
            "text/x-cross-domain-policy" \
            "text/xml"
    </IfModule>
</IfModule>
# END GZIP

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# Redirect everything to https://blueremoval.ca in one step
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.blueremoval\.ca [NC]
RewriteRule ^(.*)$ https://blueremoval.ca/$1 [L,R=301]

<IfModule mod_headers.c>
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Permitted-Cross-Domain-Policies "none"
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    Header always set Permissions-Policy "accelerometer=(), autoplay=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()"
</IfModule>

# SGO Unset Vary
Header unset Vary
# SGO Unset Vary END

# BEGIN WP Cloudflare Super Page Cache
# The directives between "BEGIN WP Cloudflare Super Page Cache" and "END WP Cloudflare Super Page Cache"
# are dynamically generated and should not be manually edited.
# END WP Cloudflare Super Page Cache

# php -- BEGIN cPanel-generated handler, do not edit
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php83 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

### =============================
### CUSTOM ADDITIONS
### =============================

# 1. Redirect all broken links (404 errors) to the homepage
<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^.*$ https://blueremoval.ca/ [R=301,L]
</IfModule>

# 2. Prevent Google from indexing all /tag/ URLs
<IfModule mod_headers.c>
    <FilesMatch ".*">
        SetEnvIf Request_URI "/tag/" noindex
        Header set X-Robots-Tag "noindex, nofollow" env=noindex
    </FilesMatch>
</IfModule>