# Uploads Protection
# انسخ هذا الملف إلى uploads/.htaccess

# Prevent PHP execution
<FilesMatch "\.php$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Allow only specific file types
<FilesMatch "\.(jpg|jpeg|png|gif|webp|svg|pdf)$">
    Order allow,deny
    Allow from all
</FilesMatch>

# Prevent access to hidden files
<FilesMatch "^\.">
    Order allow,deny
    Deny from all
</FilesMatch>

# Security Headers
<IfModule mod_headers.c>
    Header set X-Content-Type-Options "nosniff"
    Header set Content-Security-Policy "default-src 'self'"
</IfModule>

# Disable directory listing
Options -Indexes

# Prevent hotlinking (اختياري - معطل حالياً)
# RewriteEngine on
# RewriteCond %{HTTP_REFERER} !^$
# RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
# RewriteRule \.(jpg|jpeg|png|gif|webp)$ - [F]