.htaccess help?

[Maurizio Caloro]

Hello

Fighting with setup .htpaccess restriction and i need to give access to 
the folder
    >"https://mta-sts.caloro.ch/.well-known/mta-sts.txt"; to public

this folder living on my system on following folder /var/www/mta-sts, 
the Home-
page are on folder /var/www/wordpress/index

if disable the folowing line "RewriteRule ^(.*)$ https://www.caloro.ch/ 
[R,L]"
i have access to this mta-sts.txt. please how i can concentrate to open only
the hompege and this mta-sts folder, so that are visible to public:

on etc/apache i have the mta-sts.conf

/etc/apache2/sites-available# cat mta-sts-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName mta-sts.caloro.ch
        DocumentRoot /

ErrorDocument 403 "403 Forbidden - This site is used to specify the 
MTA-STS policy for this domain, please see '/.well-known/mta-sts.txt'. 
If you were not expecting to see this, please use <a 
href=\"https://caloro.ch\"; rel=\"noopener\">https://caloro.ch</a> instead."

        DocumentRoot "/var/www/mta-sts"
        <Directory "/var/www/mta-sts">
                Options -Indexes +FollowSymLinks
                # AllowOverride AuthConfig
                AllowOverride None
                # Tachtler (enable for unlimited access)
                Require all granted
        </Directory>
        Alias /.well-known/mta-sts.txt /var/www/mta-sts/mta-sts.txt
        DirectoryIndex mta-sts.txt

        RewriteEngine On
        RewriteOptions IgnoreInherit
        RewriteRule !^/.well-known/mta-sts.txt - [L,R=403]

        SSLCertificateFile 
/etc/letsencrypt/live/mta-sts.caloro.ch/fullchain.pem
        SSLCertificateKeyFile 
/etc/letsencrypt/live/mta-sts.caloro.ch/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

--

/var/www# cat .htaccess
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
# RewriteRule ^(.*)$ https://www.caloro.ch/ [R,L]
# RewriteRule ^(.*)$ https://mta-sts.caloro.ch/.well-known/ [R,L]

# No access to Folder-Structures
Options All -Indexes

# No access to the install.php
<Files install.php>
Order allow,deny
Deny from all
</Files>

# No access to the wp-config.php
<Files wp-config.php>
Order allow,deny
Deny from all
</Files>

## No access to .htaccess and .htpasswd
<FilesMatch "(\.htaccess|\.htpasswd)">
 Order deny,allow
 Deny from all
</FilesMatch>

## No access to includes folder
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteRule ^wp-admin/includes/ - [F,L]
 RewriteRule !^wp-includes/ - [S=3]
 RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
 RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
 RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

## No access to usernames
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteCond %{QUERY_STRING} .*author=(.+.?) [NC]
 RewriteRule (.*) /blog/?author= [NC,L,R=301]
</IfModule>

# No ETags
# Header unset ETag
# FileETag None

thanks for possible help
regards