# Restrict direct browser access to config (optional extra layer)
<Files "config.php">
    Require all denied
</Files>

# Optional: deny listing
Options -Indexes
