# ADEO-WEB - Redirections, compression et cache
# Domaine canonique : https://www.adeo-web.fr

RewriteEngine On

# Forcer HTTPS et www
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} !^www\.adeo-web\.fr$ [NC]
RewriteRule ^(.*)$ https://www.adeo-web.fr/$1 [R=301,L]

# Compression Gzip
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/json
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE image/svg+xml
</IfModule>

# Cache navigateur
<IfModule mod_expires.c>
  ExpiresActive On

  ExpiresByType text/css "access plus 1 month"
  ExpiresByType text/javascript "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"

  ExpiresByType image/jpeg "access plus 6 months"
  ExpiresByType image/png "access plus 6 months"
  ExpiresByType image/webp "access plus 6 months"
  ExpiresByType image/svg+xml "access plus 6 months"
  ExpiresByType image/x-icon "access plus 6 months"

  ExpiresByType text/html "access plus 1 hour"
</IfModule>

# En-têtes Cache-Control complémentaires
<IfModule mod_headers.c>
  <FilesMatch "\.(css|js)$">
    Header set Cache-Control "public, max-age=2592000"
  </FilesMatch>

  <FilesMatch "\.(jpg|jpeg|png|webp|svg|ico)$">
    Header set Cache-Control "public, max-age=15552000"
  </FilesMatch>

  <FilesMatch "\.(html|htm)$">
    Header set Cache-Control "public, max-age=3600, must-revalidate"
  </FilesMatch>

  # Sécurité de base
  Header always set X-Content-Type-Options "nosniff"
  Header always set Referrer-Policy "strict-origin-when-cross-origin"
  Header always set X-Frame-Options "SAMEORIGIN"
</IfModule>

# Désactiver l'affichage du contenu des dossiers
Options -Indexes

# Protéger les fichiers sensibles
<FilesMatch "^\.(htaccess|htpasswd)$">
  Require all denied
</FilesMatch>