# Enable rewrite engine
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    
    # Prevent directory listing
    Options -Indexes
    
    # Protect sensitive files
    <FilesMatch "^(config\.php|database\.sql|insert_dummy_data\.sql|generate_password_hash\.php)$">
        Order allow,deny
        Deny from all
    </FilesMatch>
</IfModule>

# Set default charset
AddDefaultCharset UTF-8

# PHP settings
<IfModule mod_php7.c>
    php_value upload_max_filesize 10M
    php_value post_max_size 10M
    php_value max_execution_time 300
    php_value max_input_time 300
</IfModule>

# Security headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-XSS-Protection "1; mode=block"
</IfModule>
