Bonjour,
celui-ci me semble meilleur pour free :
<IfDefine Free>
php56 1
</IfDefine>
AddDefaultCharset UTF-8
### Blocage Iframes externes
### Header set X-Frame-Options SAMEORIGIN
### Accès au seul fichier index.php, les autres sont interdits
### DirectoryIndex index.php
### Interdire les .php/
<IfDefine !Free>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/(.*).php/
RewriteRule (.*) - [F]
</IfDefine>
### Filtre contre XSS, Redirections HTTP, base64_encode, Variable PHP GLOBALS via URL
### Modifier VARIABLE _REQUEST via URL, Test de faille PHP, Injection SQL simple
<IfDefine !Free>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
RewriteCond %{QUERY_STRING} ^(.*)(%3C|<)/?script(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)?javascript(%3A|:)(.*)$ [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)document.location.href(.*)$ [OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(127.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)(https?|ftp|mosConfig)(%3A|:)//(.*)$ [NC,OR]
</IfDefine>
### Desactive les méthodes de requêtes TRACE TRACK DELETE
<IfDefine !Free>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^.* - [F]
</IfDefine>
OPTIONS -ExecCGI -Indexes
<Files ~ "^.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
### Interdire les autres types de fichier index
<Files ~ "^(index).(p?s?x?htm?|txt|aspx?|cfml?|cgi|pl|php[3-9]|jsp|xml)$">
order allow,deny
deny from all
</Files>
<Files ~ ".(inc|dtb)$">
Order allow,deny
Deny from all
Satisfy all
</Files>
ErrorDocument 400 /error.php?err=400
ErrorDocument 403 /error.php?err=403
ErrorDocument 404 /error.php?err=404
ErrorDocument 500 /error.php?err=500
salutations
Le Vert est ma Nature !