# Admin Panel Security
Options -Indexes

# Extra security headers for admin
<IfModule mod_headers.c>
    Header always set X-Frame-Options "DENY"
    Header always set Cache-Control "no-store, no-cache, must-revalidate, private"
    Header always set Pragma "no-cache"
</IfModule>

# Block non-PHP files from executing
<FilesMatch "^(?!.*\.php$).*$">
    <IfModule mod_rewrite.c>
        RewriteRule \.(js|css|png|jpg|gif|svg)$ - [L]
    </IfModule>
</FilesMatch>
