OwlCyberSecurity - MANAGER

Edit File: .htaccess.28

RewriteEngine On # Inherit rewrite options (CPanel-compatible) RewriteOptions inherit # Reverse proxy for backend APIs RewriteCond %{REQUEST_URI} ^/api(/.*)?$ [NC] RewriteRule ^api(/.*)?$ http://127.0.0.1:2005/api$1 [P,L] # Reverse proxy for AdminJS (full deep routing) RewriteCond %{REQUEST_URI} ^/admin(/.*)?$ [NC] RewriteRule ^admin(/.*)?$ http://127.0.0.1:2005/admin$1 [P,L] # Optional: WebSocket (not always needed for AdminJS) RewriteCond %{HTTP:Upgrade} =websocket [NC] RewriteRule /(.*) ws://127.0.0.1:2005/$1 [P,L] <IfModule mod_headers.c> # Allow iframe embedding Header always unset X-Frame-Options Header always set Content-Security-Policy "frame-ancestors 'self' http://testone.onebox.pk" # Allow CORS from frontend to backend Header always set Access-Control-Allow-Origin "http://testone.onebox.pk || * " Header always set Access-Control-Allow-Credentials "true" Header always set Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" Header always set Access-Control-Allow-Headers "Content-Type, Authorization" </IfModule>