# Enable rewrite engine
RewriteEngine On

# Prevent directory listing
Options -Indexes

# Protect sensitive files
<FilesMatch "\.(env|log|ini|conf|config)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Security headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
</IfModule>

# PHP settings (optional)
<IfModule mod_php.c>
    php_value upload_max_filesize 10M
    php_value post_max_size 10M
    php_value max_execution_time 60
    php_value memory_limit 128M
</IfModule>
