# The following directives prevent the execution of script files
# in the context of the website.
# They also force the content-type application/octet-stream and
# force browsers to display a download dialog for non-image files.
# SetHandler default-handler
# ForceType application/octet-stream
# Header set Content-Disposition attachment
#### Options -Indexes
# The following unsets the forced type and Content-Disposition headers
# for known image files:
# <FilesMatch "(?i)\.(gif|jpe?g|png)$">
# ForceType none
# Header unset Content-Disposition
# </FilesMatch>

# The following directive prevents browsers from MIME-sniffing the content-type.
# This is an important complement to the ForceType directive above:
#### Header set X-Content-Type-Options nosniff

# Uncomment the following lines to prevent unauthorized download of files:
#AuthName "Authorization required"
#AuthType Basic
#require valid-user

ErrorDocument 404 /404.php
<Files /403.php>
order allow,deny
allow from all
</Files>