# ══════════════════════════════════════════════════════════════════ # Driver & Butler — .htaccess Complet # Sécurité + Core Web Vitals + Cache + Compression + Anti-DevTools # ══════════════════════════════════════════════════════════════════ # ── 1. SÉCURITÉ D&B ─────────────────────────────────────────────── # BEGIN Sécurité D&B # Désactiver l'affichage du contenu des dossiers Options -Indexes # Bloquer l'accès direct à wp-config.php Order Allow,Deny Deny from all # Bloquer l'accès direct à xmlrpc.php Order Allow,Deny Deny from all # Bloquer les fichiers sensibles Order Allow,Deny Deny from all # Bloquer l'accès au fichier .htaccess lui-même Order Allow,Deny Deny from all # Bloquer les user-agents malveillants connus RewriteEngine On RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR] RewriteCond %{HTTP_USER_AGENT} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC] RewriteRule .* - [F,L] # Headers de sécurité HTTP # Forcer HTTPS Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" # Empêcher le clickjacking Header always set X-Frame-Options "SAMEORIGIN" # Empêcher le sniffing MIME Header always set X-Content-Type-Options "nosniff" # Protection XSS Header always set X-XSS-Protection "1; mode=block" # Referrer policy Header always set Referrer-Policy "strict-origin-when-cross-origin" # Permissions policy — désactiver accès caméra/micro/géoloc non sollicités Header always set Permissions-Policy "camera=(), microphone=(), geolocation=(self)" # END Sécurité D&B # ── 2. COMPRESSION GZIP + BROTLI ────────────────────────────────── # BEGIN Compression AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript AddOutputFilterByType DEFLATE application/json application/xml application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml application/atom+xml AddOutputFilterByType DEFLATE image/svg+xml font/ttf font/otf font/woff font/woff2 # Pas de compression sur les fichiers déjà compressés SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png|webp|zip|gz|bz2)$ no-gzip dont-vary # Brotli si disponible (prioritaire sur Gzip) AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css AddOutputFilterByType BROTLI_COMPRESS text/javascript application/javascript AddOutputFilterByType BROTLI_COMPRESS application/json application/xml AddOutputFilterByType BROTLI_COMPRESS image/svg+xml font/woff font/woff2 # END Compression # ── 3. CACHE NAVIGATEUR ──────────────────────────────────────────── # BEGIN Cache ExpiresActive On ExpiresDefault "access plus 1 month" # HTML — pas de cache (contenu dynamique) ExpiresByType text/html "access plus 0 seconds" # CSS & JavaScript ExpiresByType text/css "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" # Images ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/webp "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" # Fonts ExpiresByType font/ttf "access plus 1 year" ExpiresByType font/otf "access plus 1 year" ExpiresByType font/woff "access plus 1 year" ExpiresByType font/woff2 "access plus 1 year" ExpiresByType application/font-woff "access plus 1 year" # JSON / XML ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # PDF ExpiresByType application/pdf "access plus 1 month" # Manifeste PWA ExpiresByType application/manifest+json "access plus 1 week" # Cache-Control par type Header set Cache-Control "public, max-age=31536000, immutable" Header set Cache-Control "public, max-age=31536000" Header set Cache-Control "no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "0" # Vary: Accept-Encoding pour la compression Header append Vary Accept-Encoding # END Cache # ── 4. PERFORMANCE ──────────────────────────────────────────────── # BEGIN Performance # Keep-Alive Header set Connection keep-alive # ETags — désactiver pour éviter les conflits avec Cache-Control Header unset ETag FileETag None # END Performance # ── 5. ANTI COPIER/COLLER + DEVTOOLS ────────────────────────────── # BEGIN Anti-DevTools # Note : protection côté serveur limitée — le JS dans footer.php # reste la méthode principale pour bloquer F12, clic droit, sélection. # Ce bloc ajoute une couche headers pour compliquer l'inspection. # Désactiver le cache sur les pages pour compliquer View Source Header set X-Robots-Tag "all" # Header custom D&B Header set X-Powered-By "Driver-and-Butler" Header unset X-Powered-By # Bloquer l'embedding dans des iframes externes (anti-scraping) Header always set Content-Security-Policy "frame-ancestors 'self'" # END Anti-DevTools # ── 6. STRIPE CHECKOUT ──────────────────────────────────────────── # BEGIN Stripe Checkout RewriteEngine On RewriteRule ^stripe-checkout/?$ /stripe/create-checkout-session.php [L,QSA] # END Stripe Checkout # ── 7. WORDPRESS ────────────────────────────────────────────────── # BEGIN WordPress # The directives (lines) between "BEGIN WordPress" and "END WordPress" are # dynamically generated, and should only be modified via WordPress filters. # Any changes to the directives between these markers will be overwritten. RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress SITEMAP - Getting Around Has Never Been Easier Index Chauffeur Privé — Toutes les Destinations | Driver & Butler

Index des Destinations — Chauffeur Privé

Accès réservé aux robots d'indexation et aux administrateurs. Annuaire complet des villes desservies.

2473 destinations indexées

Réserver un Chauffeur Maintenant →