# PSKF Shotokan — place this at the root of public_html (alongside the
# Nuxt build output, api/, admin/, uploads/ and config.php).
# Never serve config.php directly, from any location.
Require all denied
# Nicer 404s for the static Nuxt site (nuxt generate creates 404.html).
ErrorDocument 404 /404.html
# Basic security headers.
Header always set X-Content-Type-Options "nosniff"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set Referrer-Policy "strict-origin-when-cross-origin"