# Prevent direct access to uploaded files
Order deny,allow
Deny from all

# Allow access only from your domain (adjust as needed)
<FilesMatch "\.(pdf|zip|rar|doc|docx|xls|xlsx|jpg|jpeg|png|mp4|mp3)$">
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
    # Allow from your-server-ip (if needed for bot)
</FilesMatch>