# Empêcher l'accès direct aux fichiers PHP <FilesMatch "\.php$"> <IfModule !mod_authz_core.c> Order Allow,Deny Deny from all </IfModule> <IfModule mod_authz_core.c> Require all denied </IfModule> </FilesMatch> <Files "api.php"> <IfModule !mod_authz_core.c> Order Allow,Deny Allow from all </IfModule> <IfModule mod_authz_core.c> Require all granted </IfModule> </Files> # Autoriser l'accès aux points d'entrée spécifiques <Files ~ "^(index|admin|login|logout|share)\.php$"> <IfModule !mod_authz_core.c> Order Allow,Deny Allow from all </IfModule> <IfModule mod_authz_core.c> Require all granted </IfModule> </Files> # Définir les types MIME corrects AddType text/css .css AddType application/javascript .js AddType image/x-icon .ico AddType image/svg+xml .svg AddType application/x-font-woff .woff AddType application/x-font-woff2 .woff2 # Activer la compression <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE text/javascript </IfModule> # Cache headers <IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 month" ExpiresByType text/css "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" </IfModule> # Protection des dossiers Options -Indexes