# Force HTTPS Redirect by FastComet
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Force HTTPS Redirect by Pro-int
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

RewriteEngine on
RewriteCond %{HTTP_HOST} ^pro\-int\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.pro\-int\.com$
RewriteRule ^/?$ "https\:\/\/www\.pro\-int\.co\.id\/" [R=301,L]

<ifModule mod_headers.c>
#Header always set Content-Security-Policy "upgrade-insecure-requests;"
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://pro-int.co.id https://pro-int.com; frame-ancestors 'self' https://pro-int.co.id https://pro-int.com;"
Header set X-Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://pro-int.co.id https://pro-int.com; frame-ancestors 'self' https://pro-int.co.id https://pro-int.com"
Header set X-WebKit-CSP "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://pro-int.co.id https://pro-int.com; frame-ancestors 'self' https://pro-int.co.id https://pro-int.com"
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" env=HTTPS
Header set X-FRAME-OPTIONS "SAMEORIGIN"
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set Cache-Control "no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0,s-maxage=0"
Header set Pragma "no-cache"
Header set Expires "0"
Header set Referrer-Policy "SAMEORIGIN"
Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure"
</IfModule>