Файловый менеджер

Файловый менеджер - Редактировать - /home/gqdcvggs/imators.fr/.htaccess

Назад
# Configuration de sécurité et redirection avancée # Désactiver l'affichage du contenu des répertoires Options -Indexes -MultiViews # Désactiver la signature du serveur ServerSignature Off # Activer le moteur de réécriture RewriteEngine On # Protection contre les attaques de type File Injection <IfModule mod_rewrite.c> RewriteCond %{REQUEST_METHOD} ^(TRACE\|TRACK\|OPTIONS) RewriteRule .* - [F] </IfModule> # Protection contre les scripts malveillants <FilesMatch "^(error_log\|php.ini\|\.[hH][tT][aApP].)$"> Order allow,deny Deny from all </FilesMatch> # Protection des fichiers sensibles <FilesMatch "^(wp-config\.php\|\.htaccess\|\.user\.ini)$"> Order Allow,Deny Deny from all </FilesMatch> # Protection contre le hotlinking <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https?://([^/]+\.)?imators\.com [NC] RewriteRule \.(jpg\|jpeg\|png\|gif)$ - [NC,F,L] </IfModule> # En-têtes de sécurité avancés <IfModule mod_headers.c> # Politique de sécurité du contenu stricte Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self'; frame-ancestors 'none'; form-action 'self';" # Politique X-Frame pour éviter le clickjacking Header always set X-Frame-Options "DENY" # Protection contre les attaques XSS Header set X-XSS-Protection "1; mode=block" # Empêcher la détection de type MIME Header set X-Content-Type-Options "nosniff" # Politique de référence stricte Header set Referrer-Policy "strict-origin-when-cross-origin" # Politique de chiffrement HSTS (HTTP Strict Transport Security) Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" </IfModule> # Protection contre les requêtes malveillantes <IfModule mod_rewrite.c> # Bloquer les requêtes POST vides RewriteCond %{REQUEST_METHOD} ^POST$ RewriteCond %{CONTENT_LENGTH} ^0$ RewriteRule . - [F] # Limiter la longueur des requêtes RewriteCond %{REQUEST_URI} ^.{255,}$ RewriteRule .* - [F] # Bloquer les requêtes contenant des caractères suspects RewriteCond %{THE_REQUEST} ^.(\\\|<\|>\|{\|}). [NC,OR] RewriteCond %{THE_REQUEST} ^.(\<script). [NC,OR] RewriteCond %{THE_REQUEST} ^.(%3C\|%3E\|%7B\|%7D). [NC] RewriteRule .* - [F] </IfModule> # Protection contre les injections SQL <IfModule mod_rewrite.c> RewriteCond %{QUERY_STRING} (\<\|%3C).script.(\>\|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=\|\[\|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=\|\[\|\%[0-9A-Z]{0,2}) RewriteRule ^(.)$ index.php [F,L] </IfModule> # Compression et performance <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css text/javascript application/javascript application/x-javascript application/xml </IfModule> # Cache navigateur <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType text/css "access plus 1 month" ExpiresByType text/javascript "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" </IfModule> # Redirection universelle vers imators.com RewriteCond %{HTTP_HOST} !^imators\.com$ [NC] RewriteRule ^(.)$ https://imators.com/$1 [R=301,L] # php -- BEGIN cPanel-generated handler, do not edit # Set the “ea-php81” package as the default “PHP” programming language. <IfModule mime_module> AddHandler application/x-httpd-ea-php81 .php .php8 .phtml </IfModule> # php -- END cPanel-generated handler, do not edit

| ver. 1.6 | Github | . | PHP 8.1.33 | Генерация страницы: 0 | proxy | phpinfo | Настройка