Htaccess File


# Rewrite all requests to the front controller
<IfModule mod_rewrite.c>
    RewriteEngine On

    # See
    RewriteCond %{REQUEST_URI}::$1 ^(/.+)(.+)::2$
    RewriteRule ^(.*)$ - [E=BASE:%1]

    # Existing files and folders are not redirected
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule (.*) %{ENV:BASE}index.php [L,QSA]

# Leverage browser cache
<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault                        "access plus 1 week"
    ExpiresByType application/json        "access plus 0 seconds"
    ExpiresByType application/javascript  "access plus 1 year"
    ExpiresByType application/font-woff   "access plus 1 month"
    ExpiresByType image/gif               "access plus 1 month"
    ExpiresByType image/jpeg              "access plus 1 month"
    ExpiresByType image/png               "access plus 1 month"
    ExpiresByType text/css                "access plus 1 year"

# Bonnes pratiques de sécurité
<IfModule mod_headers.c>
    Header set Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'; frame-ancestors 'none'"
    Header set Strict-Transport-Security: max-age=31536000
    Header set X-Content-Type-Options: nosniff
    Header set X-XSS-Protection: "1; mode=block"
Exit mobile version