Options -Indexes
ServerSignature Off

# Protect config
<FilesMatch "^(db|jwt|cors)\.php$">
  Order Deny,Allow
  Deny from all
</FilesMatch>

# Allow uploads to be served
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
</IfModule>

# Security headers
<IfModule mod_headers.c>
  Header set X-Content-Type-Options "nosniff"
  Header set X-Frame-Options "SAMEORIGIN"
</IfModule>

# PHP settings
php_value upload_max_filesize 20M
php_value post_max_size 25M
php_value max_execution_time 120
