# Deny direct web access to log files and development artifacts
<FilesMatch "\.(log|bak|orig|tmp|swp|txt)$">
    Require all denied
</FilesMatch>

<IfModule mod_authz_core.c>
    <Files "*.log">
        Require all denied
    </Files>
    # Block FPDF tutorial scripts — executable but serve no runtime purpose
    <FilesMatch "^(tuto[0-9]+|makefont|CevicheOne-Regular)\.php$">
        Require all denied
    </FilesMatch>
    # Block debug/development artifacts
    <Files "debug_proxy.txt">
        Require all denied
    </Files>
</IfModule>

<IfModule !mod_authz_core.c>
    <Files "*.log">
        Order allow,deny
        Deny from all
    </Files>
    <FilesMatch "^(tuto[0-9]+|makefont|CevicheOne-Regular)\.php$">
        Order allow,deny
        Deny from all
    </FilesMatch>
    <Files "debug_proxy.txt">
        Order allow,deny
        Deny from all
    </Files>
</IfModule>
