# Proteksi Admin Area
# Hanya admin yang dapat mengakses folder ini

# Blokir akses langsung ke file sensitive saja
<Files "config.php">
    Order allow,deny
    Deny from all
</Files>

# Set headers keamanan
<IfModule mod_headers.c>
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-XSS-Protection "1; mode=block"
</IfModule>

# Nonaktifkan directory listing
Options -Indexes

# Default file untuk folder admin
DirectoryIndex login.php