diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
new file mode 100644
index 0000000..432428a
--- /dev/null
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,307 @@
+# GitHub Copilot Instructions for MockAPI-PHP
+
+## Project Context
+
+You are working on **MockAPI-PHP**, a lightweight mock API server for PHP developers. This project enables rapid prototyping and testing by simulating RESTful API responses using file-based configurations.
+
+### Key Information
+- **Language**: PHP 8.3+
+- **Architecture**: File-based routing with automatic endpoint registration
+- **License**: MIT
+- **Current Version**: 1.3.1
+
+## Core Components
+
+### 1. Main Entry Point (`index.php`)
+- Handles all HTTP requests through a single entry point
+- Implements routing, authorization, logging, and response delivery
+- Uses session-based polling per client
+- Supports dynamic routes with parameter extraction
+
+### 2. Response Management
+- Responses stored in `responses/` directory matching endpoint structure
+- Supports both `.json` and `.txt` file formats
+- Priority order: custom response → polling response → default response
+- Special `mockDelay` property in JSON for simulating latency
+
+### 3. Custom Hooks (`hooks/`)
+- Naming convention: `{method}_{endpoint}.php` (e.g., `get_users.php`)
+- Can override default response behavior
+- Has access to `$request_data` and `$response_file` variables
+- Use helper functions from `libs/utils.php`
+
+### 4. OpenAPI Schema Generation (`generate-schema.php`)
+- Auto-generates OpenAPI 3.0 specs from response files
+- Supports both YAML and JSON output formats
+- Validates schemas using `opis/json-schema`
+- Outputs to `schema/` directory
+
+## Coding Standards
+
+### Style Guide
+- **Standard**: PSR-12
+- **Static Analysis**: PHPStan level 6
+- **Naming Conventions**:
+ - Functions: `camelCase`
+ - Variables: `$snake_case` (uppercase for globals)
+ - Files: `kebab-case.php`
+
+### Code Quality Tools
+```bash
+# Run tests
+./vendor/bin/phpunit
+
+# Static analysis
+./vendor/bin/phpstan analyse
+
+# Code style check
+./vendor/bin/phpcs
+```
+
+## Common Patterns
+
+### Adding a New Endpoint
+
+When creating a new endpoint, follow this pattern:
+
+1. **Create directory structure**:
+ ```
+ responses/{endpoint}/{method}/
+ ```
+
+2. **Add response files**:
+ ```php
+ // responses/users/get/default.json
+ {
+ "success": true,
+ "data": []
+ }
+ ```
+
+3. **Optional: Add custom hook**:
+ ```php
+ // hooks/get_users.php
+ $response_data = json_decode(file_get_contents($response_file), true);
+ // Modify $response_data as needed
+ returnResponse($response_data);
+ ```
+
+### Creating Helper Functions
+
+Add reusable utilities to `libs/utils.php`:
+
+```php
+if (!function_exists('myHelperFunction')) {
+ function myHelperFunction(mixed $param): mixed {
+ // Implementation
+ }
+}
+```
+
+### Logging Best Practices
+
+Use existing logging functions:
+
+```php
+logRequest($request_id, $method, $path, $client_id, $request_data);
+logResponse($request_id, $response_content);
+logError($request_id, "Error message");
+logAuthFailure($request_id, "Auth error message");
+```
+
+All logs use JSON format and are linked by `request_id`.
+
+### Custom Hook Template
+
+```php
+ str_starts_with($k, 'dynamicParam'), ARRAY_FILTER_USE_KEY);
+
+// Load default response
+$response_data = json_decode(file_get_contents($response_file), true);
+
+// Modify response
+$response_data['custom_field'] = 'custom_value';
+
+// Return response
+returnResponse($response_data, 200);
+```
+
+## Environment Configuration
+
+Key environment variables in `.env`:
+
+```bash
+PORT=3030 # Server port
+BASE_PATH=/api # API base path
+LOG_DIR=./logs # Log directory
+TEMP_DIR=./temp # Temporary files directory
+TIMEZONE=Asia/Tokyo # Timezone setting
+
+# CORS Configuration
+CORS_ALLOW_ORIGIN=*
+CORS_ALLOW_METHODS=GET, POST, DELETE, PATCH, PUT, OPTIONS
+CORS_ALLOW_HEADERS=Origin, Content-Type, Accept
+
+# Authentication (optional)
+API_KEY=your_api_key_here
+CREDENTIAL=your_credential_here
+
+# OpenAPI Schema Generation
+SCHEMA_DIR=./schema
+SCHEMA_FORMAT=yaml
+SCHEMA_TITLE=My API
+SCHEMA_VERSION=1.0.0
+```
+
+## Testing Guidelines
+
+### Writing Unit Tests
+
+Place tests in `tests/` directory:
+
+```php
+assertEquals($expected, $result);
+ }
+}
+```
+
+### Test Coverage Areas
+- Response file detection logic
+- Dynamic route parsing
+- Custom hook execution
+- OpenAPI schema generation
+- Authorization logic
+
+## Security Considerations
+
+1. **Input Sanitization**: Always use `filter_input_array()` for query parameters
+2. **API Key Management**: Store secrets in `.env`, never in code
+3. **File Access**: Restrict access to `responses/` directory only
+4. **Logging**: Avoid logging sensitive data (passwords, tokens)
+
+## Special Request Parameters
+
+- `mock_response`: Specify custom response file (e.g., `?mock_response=success`)
+- `mock_content_type`: Override Content-Type header (e.g., `?mock_content_type=application/xml`)
+
+## Troubleshooting Tips
+
+### Common Issues
+
+1. **404 Not Found**:
+ - Check `responses/` directory structure matches endpoint path
+ - Verify `BASE_PATH` environment variable
+
+2. **Authentication Errors**:
+ - Review `logs/auth.log`
+ - Verify `Authorization` header format
+
+3. **Schema Generation Errors**:
+ - Check `logs/validation-error.log`
+ - Validate JSON syntax in response files
+
+### Debug Mode
+
+Enable verbose logging by checking log files:
+
+```bash
+tail -f logs/request.log | jq .
+tail -f logs/error.log | jq .
+```
+
+## Dependencies
+
+### Production
+- `vlucas/phpdotenv`: Environment variable management
+- `symfony/yaml`: YAML parsing for schema generation
+- `opis/json-schema`: JSON schema validation
+
+### Development
+- `phpunit/phpunit`: Unit testing framework
+- `phpstan/phpstan`: Static analysis tool
+- `squizlabs/php_codesniffer`: Code style checker
+
+## Best Practices
+
+1. **Always validate input** using PHP's filter functions
+2. **Use type hints** for function parameters and return types
+3. **Document complex logic** with inline comments
+4. **Keep functions small** and focused on single responsibility
+5. **Test edge cases** especially for dynamic routing
+6. **Follow PSR-12** coding standards
+7. **Use existing helper functions** from `libs/utils.php` before creating new ones
+8. **Log important events** using appropriate log functions
+
+## File Structure Conventions
+
+```
+responses/
+ ├── {endpoint}/ # Endpoint name (e.g., users, products)
+ │ ├── get/ # HTTP method directory
+ │ │ ├── default.json # Default response
+ │ │ ├── 1.json # First polling response
+ │ │ ├── 2.json # Second polling response
+ │ │ └── custom.json # Custom response (via ?mock_response=custom)
+ │ ├── post/
+ │ ├── put/
+ │ ├── patch/
+ │ └── delete/
+ └── errors/ # Error responses
+ ├── 404.json
+ ├── 500.json
+ └── 401.json
+```
+
+## When Making Changes
+
+1. **Before modifying core files**: Run existing tests
+2. **After changes**: Run PHPStan and PHPCS
+3. **For new features**: Add corresponding tests
+4. **Update documentation**: Modify README if API changes
+5. **Version bump**: Update `version.json` and `CHANGELOG.md`
+
+## Useful Commands
+
+```bash
+# Start development server
+php start_server.php
+
+# Generate OpenAPI schema
+php generate-schema.php yaml "API Title" "1.0.0"
+
+# Run all quality checks
+./vendor/bin/phpunit && ./vendor/bin/phpstan analyse && ./vendor/bin/phpcs
+
+# Reset polling for testing
+curl -X POST http://localhost:3030/api/reset_polling
+
+# Check API version
+curl http://localhost:3030/api/version
+```
+
+## Reference Documentation
+
+- [Developer Summary](../DEVELOPER_SUMMARY.md)
+- [README (Japanese)](../README_JP.md)
+- [README (English)](../README.md)
+- [Changelog](../CHANGELOG.md)
diff --git a/.gitignore b/.gitignore
index 8b35bfe..4c84a1f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,10 +3,13 @@ hooks/*.php
*.log
*.cache
.env
+!.env.sample
+.htaccess
cookies.txt
.github/*
!.github/workflows/ci.yml
+!.github/copilot-instructions.md
responses/*
!responses/errors/**
diff --git a/.htaccess.sample b/.htaccess.sample
new file mode 100644
index 0000000..62518d0
--- /dev/null
+++ b/.htaccess.sample
@@ -0,0 +1,37 @@
+# MockAPI-PHP - Apache Configuration Sample
+#
+# IMPORTANT: This file should be placed in the PARENT directory of MockAPI-PHP,
+# not inside the MockAPI-PHP directory itself.
+#
+# Expected directory structure:
+# /var/www/html/ (Document root)
+# ├── .htaccess (Copy this file here and rename to .htaccess)
+# ├── index.html (Your existing site files)
+# └── MockAPI-PHP/ (Git cloned directory)
+# ├── index.php
+# ├── .htaccess.sample (This sample file - not used)
+# └── ...
+#
+# Usage:
+# 1. Copy this file to the parent directory of MockAPI-PHP
+# 2. Rename it to .htaccess
+# 3. Change "MockAPI-PHP" in the RewriteRule to match your actual directory name
+# 4. Test your endpoints: https://example.com/api/users
+
+
+ RewriteEngine On
+
+ # Set the base directory (usually /)
+ RewriteBase /
+
+ # Exclude existing files and directories from rewriting
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_FILENAME} !-d
+
+
+
+# Disable directory listing
+Options -Indexes
+
+# Set default charset
+AddDefaultCharset UTF-8
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 46c4ef7..02d6720 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,28 @@
# Changelog
+## [1.3.2] - 2025-11-13
+### Added
+- Added comprehensive deployment guide (`DEPLOYMENT.md`) for hosted environments
+ - Detailed instructions for Apache and Nginx deployment
+ - Subdirectory installation as the standard deployment method
+ - Document root installation guide
+ - Complete troubleshooting section
+- Added `.htaccess.sample` for Apache URL rewriting configuration
+ - Designed for parent directory placement in subdirectory installations
+ - Includes detailed comments and directory structure examples
+ - Simplified and optimized rewrite rules
+
+### Changed
+- Updated `.gitignore` to exclude user-specific `.htaccess` files
+- Enhanced `README.md` and `README_JP.md` with deployment guide references
+- Completely rewrote deployment documentation focusing on subdirectory installation
+
+### Improved
+- Clarified the distinction between subdirectory path and `BASE_PATH` in documentation
+- Enhanced Apache and Nginx configuration examples for various deployment scenarios
+- Improved troubleshooting guides with subdirectory-specific issues
+- Added visual directory structure diagrams throughout documentation
+
## [1.3.1] - 2025-07-17
### Added
- Added the ability to define CORS headers in the .env environment variable.
@@ -36,6 +59,7 @@
---
#### 🔗 GitHub Releases
+[1.3.2]: https://github.com/ka215/MockAPI-PHP/releases/tag/v1.3.2
[1.3.1]: https://github.com/ka215/MockAPI-PHP/releases/tag/v1.3.1
[1.2.0]: https://github.com/ka215/MockAPI-PHP/releases/tag/v1.2.0
[1.1.0]: https://github.com/ka215/MockAPI-PHP/releases/tag/v1.1.0
diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md
new file mode 100644
index 0000000..436a3f2
--- /dev/null
+++ b/DEPLOYMENT.md
@@ -0,0 +1,549 @@
+# MockAPI-PHP Deployment Guide
+
+This guide explains how to deploy MockAPI-PHP on hosted environments (Apache, Nginx) rather than just using PHP's built-in development server.
+
+## Table of Contents
+
+- [Apache Deployment](#apache-deployment)
+ - [Subdirectory Installation (Recommended)](#subdirectory-installation-recommended)
+ - [Document Root Installation](#document-root-installation)
+- [Nginx Deployment](#nginx-deployment)
+- [Environment Configuration](#environment-configuration)
+- [Troubleshooting](#troubleshooting)
+
+---
+
+## Apache Deployment
+
+### Requirements
+
+- Apache 2.4+
+- PHP 8.3+
+- `mod_rewrite` enabled
+- Composer (for dependencies)
+
+---
+
+### Subdirectory Installation (Recommended)
+
+This is the **standard deployment method** for MockAPI-PHP, where the repository is cloned into a subdirectory and accessed via a URL like `https://example.com/MockAPI-PHP/`.
+
+#### Directory Structure
+
+```
+/var/www/html/ # Document root
+├── .htaccess # ← Place .htaccess.sample here (renamed)
+├── index.html # Your existing site files
+├── about.html
+└── MockAPI-PHP/ # ← Git cloned directory
+ ├── index.php
+ ├── .htaccess.sample # Sample file (not used)
+ ├── .env
+ ├── responses/
+ └── ...
+```
+
+#### Installation Steps
+
+1. **Clone the repository into a subdirectory**
+ ```bash
+ cd /var/www/html
+ git clone https://github.com/ka215/MockAPI-PHP.git
+ cd MockAPI-PHP
+ ```
+
+2. **Install dependencies**
+ ```bash
+ composer install --no-dev
+ ```
+
+3. **Configure environment variables**
+ ```bash
+ cp .env.sample .env
+ nano .env
+ ```
+
+ Example `.env` configuration:
+ ```bash
+ PORT=80
+ BASE_PATH=/api # API endpoint prefix
+ LOG_DIR=./logs
+ TEMP_DIR=./temp
+ TIMEZONE=UTC
+ ```
+
+4. **Set up `.htaccess` in the PARENT directory**
+
+ **Copy and rename the sample file:**
+ ```bash
+ cp MockAPI-PHP/.htaccess.sample .htaccess
+ ```
+
+ **Edit `.htaccess` to match your directory name:**
+ ```apache
+ # Change "MockAPI-PHP" to match your actual directory name if different
+ RewriteRule ^MockAPI-PHP/(.*)$ MockAPI-PHP/index.php [QSA,L]
+ ```
+
+ If you cloned into a different directory name (e.g., `mock-api`):
+ ```apache
+ RewriteRule ^mock-api/(.*)$ mock-api/index.php [QSA,L]
+ ```
+
+5. **Set proper permissions**
+ ```bash
+ chmod 755 MockAPI-PHP/index.php
+ chmod -R 775 MockAPI-PHP/logs/
+ chmod -R 775 MockAPI-PHP/temp/
+ chmod -R 775 MockAPI-PHP/schema/
+ ```
+
+6. **Verify Apache modules**
+ ```bash
+ # Check if mod_rewrite is enabled
+ apache2ctl -M | grep rewrite
+
+ # Enable if not active (on Debian/Ubuntu)
+ sudo a2enmod rewrite
+ sudo systemctl restart apache2
+ ```
+
+7. **Test your endpoints**
+ ```bash
+ # Test basic endpoint
+ curl https://example.com/MockAPI-PHP/api/users
+
+ # Test version
+ curl https://example.com/MockAPI-PHP/api/version
+
+ # Test with custom response
+ curl "https://example.com/MockAPI-PHP/api/users?mock_response=success"
+ ```
+
+#### URL Structure
+
+With subdirectory installation, your API endpoints follow this pattern:
+
+```
+https://example.com/[directory-name]/[BASE_PATH]/[endpoint]
+```
+
+Examples:
+- `https://example.com/MockAPI-PHP/api/users`
+- `https://example.com/MockAPI-PHP/api/products`
+- `https://example.com/mock-api/api/version` (if cloned as "mock-api")
+
+**Important Notes:**
+- The **directory name** (e.g., `MockAPI-PHP`) is part of the URL path
+- `BASE_PATH` (default: `/api`) is the API endpoint prefix
+- You can change `BASE_PATH` in `.env` to customize the API prefix
+
+---
+
+### Document Root Installation
+
+If you want to install MockAPI-PHP as the **main application** at the document root (e.g., `https://example.com/api/users`), follow these steps:
+
+#### Directory Structure
+
+```
+/var/www/html/ # Document root (MockAPI-PHP files here)
+├── .htaccess # Create new .htaccess
+├── index.php
+├── .env
+├── responses/
+└── ...
+```
+
+#### Installation Steps
+
+1. **Clone directly to document root**
+ ```bash
+ cd /var/www
+ git clone https://github.com/ka215/MockAPI-PHP.git html
+ cd html
+ ```
+
+2. **Install dependencies**
+ ```bash
+ composer install --no-dev
+ ```
+
+3. **Configure environment**
+ ```bash
+ cp .env.sample .env
+ nano .env
+ ```
+
+4. **Create `.htaccess` in the document root**
+
+ Create a new `.htaccess` file with the following content:
+ ```apache
+
+ RewriteEngine On
+ RewriteBase /
+
+ # Exclude existing files and directories
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_FILENAME} !-d
+
+ # Redirect all requests to index.php
+ RewriteRule ^(.*)$ index.php [QSA,L]
+
+
+ Options -Indexes
+ AddDefaultCharset UTF-8
+ ```
+
+5. **Test endpoints**
+ ```bash
+ curl https://example.com/api/users
+ curl https://example.com/api/version
+ ```
+
+### Apache Virtual Host Configuration
+
+For dedicated subdomain deployment (e.g., `https://api.example.com`):
+
+```apache
+
+ ServerName api.example.com
+ DocumentRoot /var/www/MockAPI-PHP
+
+
+ Options -Indexes +FollowSymLinks
+ AllowOverride All
+ Require all granted
+
+
+ ErrorLog ${APACHE_LOG_DIR}/mockapi_error.log
+ CustomLog ${APACHE_LOG_DIR}/mockapi_access.log combined
+
+```
+
+---
+
+## Nginx Deployment
+
+### Requirements
+
+- Nginx 1.18+
+- PHP-FPM 8.3+
+- Composer (for dependencies)
+
+---
+
+### Subdirectory Installation (Standard Method)
+
+For subdirectory deployment with Nginx (e.g., `https://example.com/MockAPI-PHP/`):
+
+#### Nginx Configuration
+
+```nginx
+server {
+ listen 80;
+ server_name example.com;
+ root /var/www/html;
+ index index.php index.html;
+
+ # Main site
+ location / {
+ try_files $uri $uri/ =404;
+ }
+
+ # MockAPI-PHP subdirectory
+ # Change "MockAPI-PHP" to match your actual directory name
+ location /MockAPI-PHP/ {
+ try_files $uri $uri/ /MockAPI-PHP/index.php?$query_string;
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include fastcgi_params;
+ }
+ }
+
+ # Deny access to hidden files
+ location ~ /\. {
+ deny all;
+ }
+
+ # Deny access to sensitive directories within MockAPI-PHP
+ location ~ ^/MockAPI-PHP/(vendor|logs|temp|\.git)/ {
+ deny all;
+ }
+}
+```
+
+---
+
+### Document Root Installation
+
+For installing MockAPI-PHP as the main application at document root:
+
+```nginx
+server {
+ listen 80;
+ server_name api.example.com;
+ root /var/www/MockAPI-PHP;
+ index index.php;
+
+ # Logging
+ access_log /var/log/nginx/mockapi_access.log;
+ error_log /var/log/nginx/mockapi_error.log;
+
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ }
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include fastcgi_params;
+ }
+
+ # Deny access to hidden files
+ location ~ /\. {
+ deny all;
+ }
+
+ # Deny access to sensitive directories
+ location ~ ^/(vendor|logs|temp|\.git)/ {
+ deny all;
+ }
+}
+```
+
+---
+
+## Environment Configuration
+
+### `.env` Settings
+
+The `.env` file configuration is the same for both subdirectory and root installations:
+
+```bash
+PORT=80 # Server port (usually 80 for HTTP, 443 for HTTPS)
+BASE_PATH=/api # API endpoint prefix (not the subdirectory path)
+LOG_DIR=./logs # Log directory
+TEMP_DIR=./temp # Temporary files directory
+TIMEZONE=UTC # Timezone for logging
+
+# CORS Configuration
+CORS_ALLOW_ORIGIN=*
+CORS_ALLOW_METHODS=GET, POST, DELETE, PATCH, PUT, OPTIONS
+CORS_ALLOW_HEADERS=Origin, Content-Type, Accept
+CORS_ALLOW_CREDENTIALS=true
+
+# Authentication (optional)
+API_KEY=your_api_key_here
+CREDENTIAL=your_credential_here
+```
+
+**Important Notes:**
+
+- `BASE_PATH` is the **API endpoint prefix**, not the subdirectory path
+- Example URL structure:
+ - Document root: `https://example.com/api/users`
+ - Subdirectory: `https://example.com/MockAPI-PHP/api/users`
+
+ In both cases, `BASE_PATH=/api` remains the same.
+
+- If you want endpoints without `/api` prefix:
+ ```bash
+ BASE_PATH=
+ ```
+ Then endpoints become:
+ - Document root: `https://example.com/users`
+ - Subdirectory: `https://example.com/MockAPI-PHP/users`
+
+---
+
+## Troubleshooting
+
+### 404 Errors
+
+**Symptom**: All requests return 404 Not Found
+
+**Solutions**:
+
+1. **For subdirectory installation**: Check if `.htaccess` is in the PARENT directory
+ ```bash
+ # Should exist here
+ /var/www/html/.htaccess
+
+ # NOT here
+ /var/www/html/MockAPI-PHP/.htaccess
+ ```
+
+2. **Verify directory name in `.htaccess`**
+ ```apache
+ # Must match actual directory name
+ RewriteRule ^MockAPI-PHP/(.*)$ MockAPI-PHP/index.php [QSA,L]
+ ```
+
+3. **Check if `mod_rewrite` is enabled** (Apache)
+ ```bash
+ apache2ctl -M | grep rewrite
+ ```
+
+4. **Test if `.htaccess` is being read**
+ ```bash
+ # Add this temporarily to .htaccess to test
+ # If you see "500 Internal Server Error", .htaccess is working
+ InvalidDirective test
+ ```
+
+5. **Check `AllowOverride` in Apache config**
+ ```apache
+
+ AllowOverride All # Must be "All", not "None"
+
+ ```
+
+### Permission Errors
+
+**Symptom**: Cannot write logs or create files
+
+**Solution**:
+```bash
+# Set proper ownership
+sudo chown -R www-data:www-data /var/www/html/MockAPI-PHP
+
+# Set proper permissions
+chmod -R 755 /var/www/html/MockAPI-PHP
+chmod -R 775 /var/www/html/MockAPI-PHP/logs
+chmod -R 775 /var/www/html/MockAPI-PHP/temp
+chmod -R 775 /var/www/html/MockAPI-PHP/schema
+```
+
+### CORS Issues
+
+**Symptom**: Browser blocks requests due to CORS
+
+**Solution**:
+
+Configure CORS in `.env`:
+```bash
+CORS_ALLOW_ORIGIN=https://your-frontend.com
+CORS_ALLOW_METHODS=GET, POST, DELETE, PATCH, PUT, OPTIONS
+CORS_ALLOW_HEADERS=Origin, Content-Type, Accept
+CORS_ALLOW_CREDENTIALS=true
+```
+
+### Routing Not Working
+
+**Symptom**: Only `index.php` works directly, but routes don't
+
+**Checklist for subdirectory installation**:
+
+1. ✅ `.htaccess` exists in the PARENT directory (not inside MockAPI-PHP)
+2. ✅ `.htaccess` has correct `RewriteRule` with matching directory name
+3. ✅ `mod_rewrite` is enabled (Apache)
+4. ✅ `AllowOverride All` is set in Apache config
+5. ✅ `.env` file has correct `BASE_PATH`
+
+**Checklist for root installation**:
+
+1. ✅ `.htaccess` exists in the document root (same directory as `index.php`)
+2. ✅ `RewriteRule` points to `index.php` (not subdirectory/index.php)
+3. ✅ `mod_rewrite` is enabled (Apache)
+4. ✅ `AllowOverride All` is set in Apache config
+
+### Testing Rewrite Rules
+
+```bash
+# Test if rewriting works (subdirectory)
+curl -I https://example.com/MockAPI-PHP/api/users
+
+# Test if rewriting works (root)
+curl -I https://example.com/api/users
+
+# Should return 200 OK, not 404
+
+# Check Apache error logs
+tail -f /var/log/apache2/error.log
+
+# Check PHP error logs
+tail -f /var/log/php8.3-fpm.log
+```
+
+---
+
+## Security Recommendations
+
+1. **Restrict access to sensitive directories**
+ ```apache
+ # In .htaccess
+
+ Require all denied
+
+
+
+ Require all denied
+
+ ```
+
+2. **Use HTTPS in production**
+ ```bash
+ # Install Let's Encrypt SSL
+ sudo certbot --apache -d mockapi.example.com
+ ```
+
+3. **Enable authentication**
+ ```bash
+ # In .env
+ API_KEY=your_secure_api_key_here
+ CREDENTIAL=your_secure_credential_here
+ ```
+
+4. **Disable directory listing** (already in `.htaccess`)
+ ```apache
+ Options -Indexes
+ ```
+
+---
+
+## Performance Optimization
+
+1. **Enable OPcache** (PHP)
+ ```ini
+ ; In php.ini
+ opcache.enable=1
+ opcache.memory_consumption=128
+ opcache.max_accelerated_files=10000
+ ```
+
+2. **Enable HTTP/2** (Apache)
+ ```bash
+ sudo a2enmod http2
+ sudo systemctl restart apache2
+ ```
+
+3. **Use production Composer install**
+ ```bash
+ composer install --no-dev --optimize-autoloader
+ ```
+
+---
+
+## Support
+
+If you encounter issues not covered in this guide:
+
+1. Check the [GitHub Issues](https://github.com/ka215/MockAPI-PHP/issues)
+2. Review logs in `logs/` directory
+3. Create a new issue with:
+ - Server environment (Apache/Nginx version)
+ - PHP version
+ - Installation directory structure
+ - Error messages from logs
+
+---
+
+**Related Documentation:**
+- [README (Japanese)](./README_JP.md)
+- [README (English)](./README.md)
+- [Developer Summary](./DEVELOPER_SUMMARY_JP.md)
diff --git a/README.md b/README.md
index 85ce937..b81ac25 100644
--- a/README.md
+++ b/README.md
@@ -128,6 +128,8 @@ mock_api_server/
## Usage
+> **📝 Note**: The instructions below are for local development using PHP's built-in server. For deploying to a hosted environment (Apache/Nginx) or subdirectory installation, see the **[Deployment Guide](./DEPLOYMENT.md)**.
+
### 1. Install Dependencies via Composer
```bash
diff --git a/README_JP.md b/README_JP.md
index 8f86ea5..f923c5f 100644
--- a/README_JP.md
+++ b/README_JP.md
@@ -129,6 +129,8 @@ mock_api_server/
## 使い方
+> **📝 注意**: 以下の説明はPHPビルトインサーバーを使用したローカル開発用です。ホスト環境(Apache/Nginx)へのデプロイやサブディレクトリへの配置については、**[デプロイメントガイド](./DEPLOYMENT.md)** を参照してください。
+
### 1. Composer のインストール
```bash
diff --git a/version.json b/version.json
index f77d91f..f5fa71c 100644
--- a/version.json
+++ b/version.json
@@ -1,4 +1,4 @@
{
- "version": "1.3.1",
- "release_date": "2025-07-17"
+ "version": "1.3.2",
+ "release_date": "2025-11-13"
}
\ No newline at end of file