# Block PHP / script execution inside the uploads folder.
<FilesMatch "\.(?i:php|php3|php4|php5|php7|php8|phtml|pl|py|jsp|asp|aspx|htm|shtml|sh|cgi)$">
    Require all denied
</FilesMatch>

# Disable directory indexing here too.
Options -Indexes
