# Disable execution of all scripts (including .php, .pl, .cgi, .sh, etc.) 
<FilesMatch "\.(php|pl|cgi|sh|bash|py|htaccess)$"> 
       Require all denied 
</FilesMatch> 

# Allow access to static files (images, css, js, etc.) 
<FilesMatch "\.(jpg|jpeg|png|gif|css|js|pdf|txt|html|xml)$"> 
       Require all granted
</FilesMatch>
