﻿RewriteEngine On

# Pretty URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/?$ index.php?page=$1 [L,QSA]

# Security Headers
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-XSS-Protection "1; mode=block"

# Protect sensitive files
<Files "config.php">
    Order deny,allow
    Deny from all
</Files>

<Files "schema.sql">
    Order deny,allow
    Deny from all
</Files>

<Files "*.log">
    Order deny,allow
    Deny from all
</Files>

# Protect logs directory
<Directory "logs">
    Order deny,allow
    Deny from all
</Directory>
