# JEDI Security hardening for uploads/
Options -Indexes

# Prevent execution of scripts in uploads
<FilesMatch "\.(php|phtml|php3|php4|php5|phar|cgi|pl|py|rb|sh|bash|zsh|js|jsx|ts|tsx|html|htm|shtml|xhtml|hta|asp|aspx|jsp|jar)$">
  Require all denied
</FilesMatch>

# Treat common script types as plain text (defense-in-depth)
AddType text/plain .php .phtml .phar .cgi .pl .py .rb .sh .bash .zsh .js .jsx .ts .tsx .html .htm
