# ==============================
# ADMIN FOLDER .HTACCESS
# ==============================

# 1. Disable directory listing, so a folder without an index file is not
#    rendered as a browsable file list.
# NOTE(review): Options in .htaccess only takes effect if the server's
# AllowOverride setting permits it - confirm in the vhost config.
Options -Indexes

# 2. Set the default index file served for a bare folder request
DirectoryIndex index.php

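# 3. Block direct access to sensitive files: environment and configuration
#    files, the database connection script, Composer manifests and *.bak backups.
#    The pattern is anchored only at the end, so any file name ending in one of
#    these names is refused as well (for example "myconfig.php"); FilesMatch
#    also applies in every subfolder below this one.
<FilesMatch "(\.env|config\.php|koneksi\.php|composer\.json|composer\.lock|.*\.bak)$">
  # Apache 2.4+: native authorization syntax.
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  # Apache 2.2 fallback: legacy syntax, used only when mod_authz_core is absent.
  # Without this split, "Order"/"Deny" on a 2.4 server that lacks
  # mod_access_compat makes the whole .htaccess fail with a 500 error.
  <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
  </IfModule>
</FilesMatch>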

# 4. Redirect visitors who open the admin folder directly to login.php
RewriteEngine On
RewriteBase /admin/

# If the URL is /admin/ with no file name, redirect to login.php
# (temporary 302 redirect; RewriteBase makes the relative target /admin/login.php).
# NOTE(review): only the bare folder URL is redirected. Direct requests for
# other files under /admin/ are not touched by this rule, so authentication
# presumably has to be enforced by the PHP pages themselves - confirm.
RewriteCond %{REQUEST_URI} ^/admin/?$
RewriteRule ^$ login.php [R=302,L]

# 5. (Optional) Restrict which files may be requested directly
# Uncomment if only specific files should be reachable; every other request
# under /admin/ is then answered with 403 Forbidden.
# RewriteCond %{REQUEST_URI} !^/admin/(login\.php|index\.php|dashboard\.php|assets/.*)$
# RewriteRule ^(.*)$ - [F,L]

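# 6. Prevent PHP files in the upload folder (if any) from being run over HTTP
# Example: admin/uploads/
#
# <Directory> sections are not permitted inside .htaccess files: Apache rejects
# the whole file and answers every request with a 500 error. The restriction is
# therefore written as a rewrite rule, matched against the path relative to
# this folder. It relies on the "RewriteEngine On" directive earlier in this file.
#
# Besides .php, the pattern covers other extensions that are commonly mapped to
# the PHP handler (.php5, .phtml, .phar, ...), case-insensitively; adjust the
# list to the handler mapping of this server.
RewriteRule ^uploads/.*\.(?:php\d*|phtml|phar)$ - [F,NC,L]

# NOTE(review): this only refuses direct requests by file extension. A more
# robust control is to disable the PHP handler for the upload folder in the
# server configuration (or in a dedicated uploads/.htaccess), and to store
# uploads outside the web root where possible.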