# MediCab — Configuration Apache / cPanel
Options -Indexes

DirectoryIndex index.html

AddDefaultCharset UTF-8
AddCharset UTF-8 .html .css .js .php

<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType text/html              "access plus 1 hour"
  ExpiresByType application/javascript "access plus 1 week"
  ExpiresByType text/css               "access plus 1 week"
</IfModule>

<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/html text/css application/javascript application/json
</IfModule>

<IfModule mod_headers.c>
  Header always set X-Content-Type-Options nosniff
  Header always set X-Frame-Options SAMEORIGIN
  # Autoriser les requêtes AJAX vers l'API
  <FilesMatch "\.php$">
    Header always set Access-Control-Allow-Origin "*"
  </FilesMatch>
</IfModule>

# Protéger le fichier de config
<Files "config.php">
  Require all denied
</Files>

# Redirection HTTP → HTTPS (décommenter après activation SSL)
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
