# Enable rewrite engine
RewriteEngine On

# Force HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Redirect www to apex
RewriteCond %{HTTP_HOST} ^www\.summitwave\.eu$ [NC]
RewriteRule ^ https://summitwave.eu%{REQUEST_URI} [L,R=301]

# Canonicalize index.html to root
RewriteRule ^index\.html$ https://summitwave.eu/ [L,R=301]

# Cache static assets (adjust as needed)
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/webp "access plus 6 months"
  ExpiresByType image/png  "access plus 6 months"
  ExpiresByType image/jpeg "access plus 6 months"
  ExpiresByType image/svg+xml "access plus 6 months"
  ExpiresByType image/x-icon "access plus 12 months"
  ExpiresByType text/css "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"
</IfModule>

# Security headers (best-effort; host must support)
<IfModule mod_headers.c>
  Header set X-Content-Type-Options "nosniff"
  Header set Referrer-Policy "strict-origin-when-cross-origin"
  Header set X-Frame-Options "SAMEORIGIN"
</IfModule>
