diff --git a/.gitignore b/.gitignore
index 8b856ec..f1e34fc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
 process_contact.php.old
-.htaccess
diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..b5b9743
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,77 @@
+# Abilita il rewrite engine
+RewriteEngine On
+
+# Imposta la directory base (modifica se necessario)
+# Se l'app è in una sottocartella, usa: RewriteBase /nome_cartella/
+RewriteBase /newapp.rpigroup.it/
+
+# Reindirizza richieste HTTP a HTTPS (opzionale, decommentare se necessario)
+# RewriteCond %{HTTPS} off
+# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+# Non reindirizzare file e cartelle esistenti
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+
+# Escludi file statici dal rewriting
+RewriteCond %{REQUEST_URI} !\.(css|js|jpg|jpeg|png|gif|svg|ico|xml|json|woff|woff2|ttf|eot)$ [NC]
+
+# Reindirizza tutto a index.php mantenendo il path
+RewriteRule ^(.*)$ index.php/$1 [L,QSA]
+
+# Impedisci l'accesso diretto a file sensibili
+<FilesMatch "^(config|\.htaccess|\.env)">
+    Order Allow,Deny
+    Deny from all
+</FilesMatch>
+
+# Gestione MIME types
+<IfModule mod_mime.c>
+    AddType application/javascript js
+    AddType text/css css
+    AddType image/svg+xml svg
+    AddType application/vnd.ms-fontobject eot
+    AddType font/ttf ttf
+    AddType font/otf otf
+    AddType font/woff woff
+    AddType font/woff2 woff2
+</IfModule>
+
+# Abilita compressione GZIP (opzionale)
+<IfModule mod_deflate.c>
+    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
+</IfModule>
+
+# Cache control (opzionale - commentato perché hai lo script no-cache)
+# <IfModule mod_expires.c>
+#     ExpiresActive On
+#     ExpiresByType image/jpg "access plus 1 month"
+#     ExpiresByType image/jpeg "access plus 1 month"
+#     ExpiresByType image/gif "access plus 1 month"
+#     ExpiresByType image/png "access plus 1 month"
+#     ExpiresByType image/svg+xml "access plus 1 month"
+#     ExpiresByType text/css "access plus 1 week"
+#     ExpiresByType application/javascript "access plus 1 week"
+# </IfModule>
+
+# Header no-cache per sviluppo (rimuovi in produzione se usi la cache)
+<IfModule mod_headers.c>
+    <FilesMatch "\.(html|php)$">
+        Header set Cache-Control "no-cache, no-store, must-revalidate"
+        Header set Pragma "no-cache"
+        Header set Expires "0"
+    </FilesMatch>
+</IfModule>
+
+# Sicurezza aggiuntiva
+<IfModule mod_headers.c>
+    Header set X-Content-Type-Options "nosniff"
+    Header set X-Frame-Options "SAMEORIGIN"
+    Header set X-XSS-Protection "1; mode=block"
+</IfModule>
+
+# Disabilita directory listing
+Options -Indexes
+
+# Abilita follow symlinks (necessario per RewriteRule)
+Options +FollowSymLinks
\ No newline at end of file