# PHP Admin Panel - .htaccess

# Enable RewriteEngine
RewriteEngine On

# Redirect old index.html to index.php
RewriteRule ^index\.html$ /admin/index.php [L,R=301]

# If the request is not for an existing file, rewrite to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /admin/index.php [L,QSA]

# Security - Deny access to sensitive files
<FilesMatch "\.(sql|md|git|env)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Protect includes directory
<IfModule mod_rewrite.c>
    RewriteRule ^includes/ - [F,L]
</IfModule>

# Protect api directory - only allow PHP
<IfModule mod_rewrite.c>
    RewriteRule ^api/ - [F,L]
</IfModule>

# PHP Settings
php_value upload_max_filesize 10M
php_value post_max_size 10M
php_value max_execution_time 300
php_value memory_limit 256M

# Disable directory listing
Options -Indexes
