Hacked By AnonymousFox

Current Path : /home/lengrenatf/www/
Upload File :
Current File : /home/lengrenatf/www/.htaccess.an

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# Permaliens WordPress
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

# ========================================
# Sécurité renforcée
# ========================================

# Protéger .htaccess et wp-config.php
<FilesMatch "^\.(htaccess|htpasswd|wp-config\.php|readme\.html|license\.txt)$">
  Require all denied
</FilesMatch>

# Bloquer l'accès aux fichiers XML-RPC si non utilisé
<Files xmlrpc.php>
  Require all denied
</Files>

# Interdire l'accès aux dossiers sensibles
RedirectMatch 403 ^/wp-admin/includes/
RedirectMatch 403 ^/wp-includes/js/tinymce/langs/
RedirectMatch 403 ^/wp-includes/theme-compat/

# Désactiver l'affichage des index de dossiers
Options -Indexes

# Empêcher l’exécution de scripts PHP dans certains dossiers
<Directory "/wp-content/uploads/">
  <Files *.php>
    Require all denied
  </Files>
</Directory>

# ========================================
# Optimisation de cache navigateur (performance)
# ========================================
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/jpg "access plus 1 year"
  ExpiresByType image/jpeg "access plus 1 year"
  ExpiresByType image/gif "access plus 1 year"
  ExpiresByType image/png "access plus 1 year"
  ExpiresByType text/css "access plus 1 month"
  ExpiresByType text/javascript "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"
  ExpiresByType application/x-javascript "access plus 1 month"
  ExpiresByType application/pdf "access plus 1 month"
  ExpiresByType application/x-shockwave-flash "access plus 1 month"
  ExpiresByType image/x-icon "access plus 1 year"
  ExpiresDefault "access plus 2 days"
</IfModule>

# ========================================
# Headers de sécurité (couches supplémentaires)
# ========================================
<IfModule mod_headers.c>
  Header set X-Content-Type-Options "nosniff"
  Header set X-XSS-Protection "1; mode=block"
  Header always append X-Frame-Options SAMEORIGIN
  Header set Referrer-Policy "strict-origin-when-cross-origin"
  Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;"
</IfModule>

# ========================================
# Compression gzip (si mod_deflate activé)
# ========================================
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript application/javascript application/json application/xml
</IfModule>

Hacked By AnonymousFox1.0, Coded By AnonymousFox