# Enable rewrite engine
RewriteEngine On

# Route all requests to index.php (except existing files/directories)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# Security - prevent access to config files
<Files "config.php">
    Require all denied
</Files>

<Files "*.log">
    Require all denied
</Files>