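# Security headers
# "always" also attaches these headers to error and redirect responses; a plain
# "Header set" only touches the success table, so Apache-generated 4xx/5xx pages
# would be sent without them. If the application emits the same header itself it
# can end up sent twice, so check the final response headers after deploying.
# Note: when mod_headers is not loaded this whole section is skipped silently.
<IfModule mod_headers.c>
    # Stop browsers from MIME-sniffing a response away from its declared Content-Type.
    Header always set X-Content-Type-Options "nosniff"
    # Clickjacking defence: only same-origin pages may frame this site.
    # CSP "frame-ancestors" is the current standard; this header covers older browsers.
    Header always set X-Frame-Options "SAMEORIGIN"
    # The legacy XSS auditor has been removed from current browsers, and in the
    # old ones that still honour it "1; mode=block" has been a source of
    # cross-site information leaks. "0" turns it off explicitly; XSS defence
    # belongs in output encoding and a Content-Security-Policy.
    Header always set X-XSS-Protection "0"
</IfModule>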

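# Hide dot-files (.htaccess, .htpasswd, .env, ...)
# <FilesMatch> tests only the final file name, so on its own it does not cover
# files inside dot-directories (.git/config has the base name "config").
<FilesMatch "^\.">
    # Apache 2.4 authorization syntax. Order/Deny needs mod_access_compat and
    # should not be mixed with 2.4-only directives such as the <If> used in
    # this file.
    Require all denied
</FilesMatch>

# Cover dot-directories as well: answer 404 for any URL path that has a segment
# starting with ".", except .well-known/ (RFC 8615: ACME challenges, security.txt).
<IfModule mod_alias.c>
    RedirectMatch 404 "/\.(?!well-known/)"
</IfModule>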

# Disable directory browsing
# Removing the Indexes option stops Apache from generating a file listing for a
# directory that has no index document, so directory contents cannot be
# enumerated by browsing to the folder. Files remain reachable by exact URL;
# this is not an access control on the files themselves.
Options -Indexes

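# Prevent access to config files
# Denies .php, .inc and .conf files whose request path contains a /config/
# segment. This is an extension blacklist: other formats kept in that directory
# (.ini, .yml, .json, editor or backup copies) are still served. Keeping
# configuration outside the document root is the more robust control.
<FilesMatch "\.(php|inc|conf)$">
    # Both patterns are case-sensitive. NOTE(review): confirm the filesystem is
    # case-sensitive too, otherwise /Config/ or .PHP variants are not covered.
    <If "%{REQUEST_URI} =~ m#/config/#">
        # Apache 2.4 authorization syntax; <If> is itself 2.4-only, so the
        # 2.2-style Order/Deny pair (mod_access_compat) is not needed here.
        Require all denied
    </If>
</FilesMatch>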






