# secure directory by disabling script execution
AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .html .shtml .sh .cgi
Options -ExecCGI

<Files *>
    order deny,allow
    deny from all
</Files>

#<Files ^(*.jpeg|*.jpg|*.JPEG|*.JPG|*.png|*.gif)$>
<FilesMatch "\.(jpeg|jpg|JPEG|JPG|png|gif)$">
    order deny,allow
    allow from all
</FilesMatch>
#</Files>

#<FilesMatch "\.(?i:pdf)$">
#    order deny,allow
#    allow from all
#    ForceType application/octet-stream
#    Header set Content-Disposition attachment
#</FilesMatch>

<FilesMatch "\.(zip|gz|bz2)$">
    order deny,allow
    allow from all
    ForceType application/octet-stream
    Header set Content-Disposition attachment
</FilesMatch>

<FilesMatch "\.(php|phps|pl|py|jsp|asp|htm|html|shtml|sh|cgi|txt)$">
    ForceType text/plain
</FilesMatch>