# Deny direct HTTP access — attachments are read by PHP on Send only
Order allow,deny
Deny from all

<IfModule mod_php.c>
    php_flag engine off
</IfModule>
<IfModule mod_php7.c>
    php_flag engine off
</IfModule>
<IfModule mod_php8.c>
    php_flag engine off
</IfModule>

Options -Indexes