﻿# Block PHP execution in uploads directory - Security hardening
<FilesMatch "\.(php|php5|phtml|phar|php7|shtml|pl|py|jsp|asp|aspx|cgi)$">
Order Deny,Allow
Deny from all
</FilesMatch>

# Also block via mod_rewrite
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .*\.(php|php5|phtml|phar|php7)$ - [F,NC]
</IfModule>