# Enable rewrite engine
RewriteEngine On

# Allow CORS for media server (if needed)
<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type"
</IfModule>

# PHP settings
<IfModule mod_php7.c>
    php_value upload_max_filesize 500M
    php_value post_max_size 500M
    php_value max_execution_time 300
    php_value max_input_time 300
</IfModule>

# Security: Prevent directory listing
Options -Indexes

# Prevent access to sensitive files
<FilesMatch "^(config\.php|db\.php|auth\.php|\.htaccess)$">
    Order allow,deny
    Deny from all
</FilesMatch>
