Options -Indexes

RewriteEngine On

# Block direct HTTP access to source code and runtime data
RewriteRule ^src/  - [F,L]
RewriteRule ^data/ - [F,L]
RewriteRule ^logs/ - [F,L]

# Block direct access to database and log files anywhere under shield/
<FilesMatch "\.(db|db-shm|db-wal|json|log|ndjson|txt)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>
