# =====================================================
# UPLOADS DIRECTORY PROTECTION
# =====================================================
# Disable PHP execution in upload directories for security

# Block PHP execution
<FilesMatch "\.(php|phtml|php3|php4|php5|pl|py|jsp|asp|sh|cgi)$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>

# Allow directory listing for easier file management (optional)
# Options +Indexes
# Or prevent it for security
Options -Indexes

