Options -Indexes
<IfModule headers_module>
# Send X-Content-Type-Options to prevent MIME-Type confusion
Header always add X-Content-Type-Options "nosniff"
# Send X-Frame-Options to prevent ClickJacking attacks
Header always add X-Frame-Options "DENY"
</IfModule>
<IfModule php5_module>
# Set session cookie to use HttpOnly, which is more secure
php_value session.cookie_httponly true
</IfModule>
<FilesMatch ".(php|log)$">
# Deny access to all php scripts and logs
Order Deny,Allow
Deny from all
# Allow only from localhost
Allow from 127.0.0.1
Allow from localhost
Allow from ::1
</FilesMatch>
<FilesMatch "index.php">
# Allow viewing index.php
Order Allow,Deny
Allow from all
</FilesMatch>
<FilesMatch "style.php">
# Allow retrieving style
Order Allow,Deny
Allow from all
</FilesMatch>
<FilesMatch "query_">
# Allow queries
Order Allow,Deny
Allow from all
</FilesMatch>
<FilesMatch "setup.php">
# Allow setup
Order Allow,Deny
Allow from all
</FilesMatch>
<FilesMatch "tmp.php">
# TMP
Order Allow,Deny
Allow from all
</FilesMatch>
# Hide PHP Errors
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off
