# Allow access to uploaded files
<Files "*">
    Order Allow,Deny
    Allow from all
</Files>

# Prevent execution of PHP files
<Files "*.php">
    Order Deny,Allow
    Deny from all
</Files>

# Security headers
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options nosniff
    Header always set X-Frame-Options DENY
</IfModule>