# Aegean Dominance Admin Panel
# Security & Access Configuration

# Deny access to sensitive files
<FilesMatch "\.(sql|log|ini|env|json|md)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Protect partials directory
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^partials/ - [F,L]
</IfModule>

# Security Headers
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# Disable directory listing
Options -Indexes

# Prevent PHP execution in uploads (if any)
<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
