RewriteEngine On

# Redirect to HTTPS (uncomment in production)
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Prevent directory listing
Options -Indexes

# Protect config file
<Files "config.php">
    Order Allow,Deny
    Deny from all
</Files>

# Protect SQL file
<Files "database.sql">
    Order Allow,Deny
    Deny from all
</Files>

# Set default charset
AddDefaultCharset UTF-8

# PHP settings (uncomment if needed)
# php_value upload_max_filesize 10M
# php_value post_max_size 12M
# php_value max_execution_time 300
