#Note: Over-riding httpd.conf settings using .htaccess is only allowed 
#if the AllowOverride Directive is set inside httpd.conf which is the default case.

# Disable directory browsing 
Options -Indexes

# Hide the contents of directories
IndexIgnore *

#Deny all files first
Order Deny,Allow
Deny from all

# Deny access to filenames starting with dot(.)
<FilesMatch "^\.">
Order allow,deny
Deny from all
</FilesMatch>

# Allow access to files with extensions .php|.html|.svg|.png|.jpg|.gif|.ico|.js|.pdf|.css|.json|.xml  (note: manifest.json is needed)
<FilesMatch "\.(php|html|svg|png|jpg|gif|ico|js|pdf|css|json|xml)$">
Allow from all
</FilesMatch>
<FilesMatch "\.(json|xml)$">
Allow from all
Require all granted
</FilesMatch>


#Allow a blank index
<FilesMatch "^$">
Allow from all
</FilesMatch>

# Prevent anything in a .git folder from showing
RedirectMatch 404 /\.git



