RewriteEngine On
# Allow direct files (check.php, index.php)
RewriteRule ^check\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?r=$1 [QSA,L]

# Block direct access to PHP partials
<FilesMatch "\.(log|sql|env|ini)$">
  Require all denied
</FilesMatch>
