# DO NOT REMOVE. CLOUDLINUX PASSENGER CONFIGURATION BEGIN
PassengerAppRoot "/home/malmjlqb/public_html/b.usasya.com"
PassengerBaseURI "/"
PassengerNodejs "/home/malmjlqb/nodevenv/public_html/b.usasya.com/16/bin/node"
PassengerAppType node
PassengerStartupFile server.js
# DO NOT REMOVE. CLOUDLINUX PASSENGER CONFIGURATION END
# Configuration for LiteSpeed Web Server
RewriteEngine On
# Trust proxy headers for rate limiting
RewriteCond %{HTTP:X-Forwarded-For} ^.+$
RewriteRule ^(.*)$ - [E=HTTP_X_FORWARDED_FOR:%{HTTP:X-Forwarded-For}]
# Set Node.js environment
SetEnv NODE_ENV production
# Enable compression
SetEnv GZIP on
# Security headers
Header always set X-Content-Type-Options nosniff
Header always set X-Frame-Options DENY
Header always set X-XSS-Protection "1; mode=block"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
# CORS headers for API
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, PATCH, OPTIONS"
Header always set Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With"
Header always set Access-Control-Max-Age "86400"
# Handle preflight requests
RewriteCond %{REQUEST_METHOD} ^OPTIONS$
RewriteRule ^(.*)$ - [R=200,L]
# DO NOT REMOVE OR MODIFY. CLOUDLINUX ENV VARS CONFIGURATION BEGIN
<IfModule Litespeed>
</IfModule>
# DO NOT REMOVE OR MODIFY. CLOUDLINUX ENV VARS CONFIGURATION END