Options -Indexes

# Security headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
</IfModule>

# Protect config files
<FilesMatch "\.(sql|md|env)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# PHP settings
<IfModule mod_php.c>
    php_flag display_errors Off
    php_flag log_errors On
</IfModule>
