# Protect includes directory RewriteEngine On # Block direct access to includes/ RewriteRule ^includes/ - [F,L] # Block access to config files RewriteRule ^config\.php$ - [F,L] # Block access to hidden files RewriteRule (^|/)\. - [F,L] # Block access to SQL files RewriteRule \.sql$ - [F,L] # Block access to log files RewriteRule \.log$ - [F,L] # Disable directory listing Options -Indexes # Prevent script execution in includes php_flag engine off