# Disable directory listing
Options -Indexes

# Allow PHP execution (Apache 2.4 syntax)
<FilesMatch "\.php$">
    Require all granted
</FilesMatch>

# Protect logs (analytics style, not phishing style)
<FilesMatch "click_log\.txt$">
    Require all denied
</FilesMatch>

# Prevent execution of dangerous scripts only (reduced)
<FilesMatch "\.(sh|bash|pl|py|cgi|php5|php7|phps|phtml)$">
    Require all denied
</FilesMatch>

# Optional: Basic CORS
<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
</IfModule>
