# Zaštita uploads direktorija
Options -Indexes
RemoveHandler .php .phtml .php3 .php4 .php5 .php7 .php8
RemoveType .php .phtml .php3 .php4 .php5 .php7 .php8

# Zabrani sve pristupe prema zadanim postavkama
<FilesMatch ".*">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# Dozvoli samo određene tipove datoteka
<FilesMatch "\.(jpg|jpeg|png|gif|pdf|xlsx)$">
    Order Allow,Deny
    Allow from all
    
    # Postavi ispravne MIME tipove
    AddType application/pdf .pdf
    AddType application/vnd.openxmlformats-officedocument.spreadsheetml.sheet .xlsx
    AddType image/jpeg .jpg .jpeg
    AddType image/png .png
    AddType image/gif .gif
</FilesMatch>

# Dodatna sigurnosna zaglavlja
Header set X-Content-Type-Options "nosniff"
Header set X-Frame-Options "DENY"
Header set X-XSS-Protection "1; mode=block"