Deprecated: Array and string offset access syntax with curly braces is deprecated in /home/unareil/www/wiki/inc/init.php on line 557
Voici ci-dessous ce que j'ai mis dans le fichier .htaccess de mon site chez ovh pour passer de F à A+ sur https://observatory.mozilla.org/
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
order allow,deny
deny from all
# protection de la lecture des répertoires
Options -Indexes
#Protection trouvée sur le net
Header unset Content-Security-Policy
Header add Content-Security-Policy "default-src 'self'"
Header unset X-Content-Security-Policy
Header add X-Content-Security-Policy "default-src 'self'"
Header unset X-WebKit-CSP
Header add X-WebKit-CSP "default-src 'self'"
#Protection trouvée ici https://stackoverflow.com/questions/16385541/content-security-policy-invalid-command
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "DENY"
Header set Strict-Transport-Security "max-age=631138519; includeSubDomains"