# Prevent any PHP execution in uploads folder (defense against malicious file uploads)
<FilesMatch "\.(php|phtml|php3|php4|php5|phar|pl|py|jsp|asp|sh|cgi)$">
    Require all denied
</FilesMatch>

Options -ExecCGI
