# Security - Protect sensitive files
<Files "config.php">
    Order allow,deny
    Deny from all
</Files>

<Files "database.php">
    Order allow,deny
    Deny from all
</Files>

<Files ".htaccess">
    Order allow,deny
    Deny from all
</Files>

# Prevent directory listing
Options -Indexes

# Protect log files
<FilesMatch "\.(log|txt)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# PHP security settings
php_flag display_errors Off
php_flag log_errors On
php_value error_log /path/to/your/error.log

# Enable HTTPS redirect (uncomment if needed)
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
