AddType image/x-icon .ico AddType font/truetype .ttf AddType application/x-font-woff .woff AddType application/x-font-woff2 .woff2 AddType video/mp4 .m4v AddType video/webm .webm AddDefaultCharset utf-8 AddHandler cgi-script .py Options All -Indexes +ExecCGI DirectoryIndex index.html index.xml index.py ExpiresActive On ExpiresDefault "access plus 2 hours" ExpiresByType text/html "access plus 2 hours" ExpiresByType image/ico "access plus 1 year" ExpiresByType image/icon "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType font/truetype "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType application/x-font-woff2 "access plus 1 year" Header set Cache-Control "max-age=7200, public" Header set Cache-Control "max-age=31536000, public" Header set Cache-Control "max-age=2592000, public" Header set Cache-Control "max-age=31536000, public" Header always set Strict-Transport-Security "max-age=31536000; preload" Header always set X-Frame-Options SAMEORIGIN Header always set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; media-src *; frame-src 'self' https://player.vimeo.com; script-src 'self' 'unsafe-inline' https://player.vimeo.com" Header always set X-Content-Type-Options nosniff Header always set X-XSS-Protection "1; mode=block" Header always set Referrer-Policy "origin" Header unset ETag Header unset Server FileETag none RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteCond %{SERVER_NAME} =media.larlet.fr RewriteRule ^.* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] Redirect 410 /wp-login.php