Options -Indexes
DirectoryIndex index.php index.html

<IfModule mod_rewrite.c>
  Options +FollowSymLinks
  RewriteEngine On
  RewriteBase /

  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/|#(.*))$
  RewriteRule ^(.*)$ $1/ [R=301,L]

  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME}\.php -f
  # RewriteCond %{DOCUMENT_ROOT}/em-public/$1\.php -f
  RewriteRule ^([^\.]+)/$ $1.php

  RewriteRule ^$ em-public/ [L]
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^((?!em-public/).+)$ em-public/$1 [L,NC]
</IfModule>

# Using this header, any browser that accesses the site over HTTPS will not
# be able to access the plain HTTP site for one year (31536000 seconds).
# One you begin using this, you should not stop using SSL on your site or
# else your returning visitors will not be able to access your site at all.
Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS

<Files 403.shtml>
order allow,deny
allow from all
</Files>

ErrorDocument 403 /em-public/404.php
ErrorDocument 404 /em-public/404.php
