27 lines
1015 B
ApacheConf
Executable File
27 lines
1015 B
ApacheConf
Executable File
# Activation du moteur de réécriture
|
|
RewriteEngine on
|
|
RewriteRule ^([a-zA-Z]*)/?([a-zA-Z]*)?/?([a-zA-Z0-9]*)?/?$ index.php?controleur=$1&action=$2&id=$3 [NC,L]
|
|
|
|
# Sécurité serveur
|
|
ServerSignature Off
|
|
|
|
# Protection des fichiers .ini
|
|
<FilesMatch "\.ini$">
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# En-têtes de sécurité HTTP
|
|
<IfModule mod_headers.c>
|
|
Header set X-Frame-Options "SAMEORIGIN"
|
|
Header set X-Content-Type-Options "nosniff"
|
|
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
|
|
|
Header set Content-Security-Policy "default-src 'self'; \
|
|
script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; \
|
|
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; \
|
|
font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net; \
|
|
connect-src 'self' https://cdn.jsdelivr.net; \
|
|
img-src 'self' data: https:"
|
|
|
|
Header set Referrer-Policy "strict-origin-when-cross-origin"
|
|
</IfModule> |