# Allow static assets in uploads; block PHP execution
<IfModule mod_authz_core.c>
  <FilesMatch "\.(?:css|js|png|jpe?g|gif|webp|avif|svg|ico|woff2?|ttf|eot|map)$">
    Require all granted
  </FilesMatch>
  <FilesMatch "\.(php|phtml|phar|php\d?)$">
    Require all denied
  </FilesMatch>
</IfModule>
<IfModule !mod_authz_core.c>
  <FilesMatch "\.(php|phtml|phar|php\d?)$">
    Order allow,deny
    Deny from all
  </FilesMatch>
</IfModule>
