# Activation du moteur de réécriture
RewriteEngine on
RewriteRule ^([a-zA-Z]*)/?([a-zA-Z]*)?/?([a-zA-Z0-9]*)?/?$ index.php?controleur=$1&action=$2&id=$3 [NC,L]

# Sécurité serveur
ServerSignature Off

# Protection des fichiers .ini
<FilesMatch "\.ini$">
    Deny from all
</FilesMatch>

# En-têtes de sécurité HTTP
<IfModule mod_headers.c>
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-Content-Type-Options "nosniff"
    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
	
    Header set Content-Security-Policy "default-src 'self'; \
      script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; \
      style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; \
      font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net; \
      connect-src 'self' https://cdn.jsdelivr.net; \
      img-src 'self' data: https:"
  
    Header set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>