a

.htaccess

@@ -1,13 +1,21 @@
-# Réécrit une URL de type xxx/yyy/zzz en index.php?controleur=xxx&action=yyy&id=zzz
+# Activation du moteur de réécriture
 RewriteEngine on
 # RewriteCond %{Request_URI} !^.*/flexcode_web/.*
 RewriteRule ^([a-zA-Z]*)/?([a-zA-Z]*)?/?([a-zA-Z0-9]*)?/?$ index.php?controleur=$1&action=$2&id=$3 [NC,L]
+
+# Sécurité serveur
 ServerSignature Off
+
+# Protection des fichiers .ini
 <FilesMatch "\.ini$">
     Deny from all
 </FilesMatch>
-Header set X-Frame-Options "SAMEORIGIN"
-Header set X-Content-Type-Options "nosniff"
-Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
-Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'"
-Header set Referrer-Policy "strict-origin-when-cross-origin"
+
+# En-têtes de sécurité HTTP
+<IfModule mod_headers.c>
+    Header set X-Frame-Options "SAMEORIGIN"
+    Header set X-Content-Type-Options "nosniff"
+    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+    Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'"
+    Header set Referrer-Policy "strict-origin-when-cross-origin"
+</IfModule>