RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# Block direct access to PHP files outside index.php
<FilesMatch "\.(php)$">
    Order allow,deny
    Allow from all
</FilesMatch>
<FilesMatch "config\.php">
    Order deny,allow
    Deny from all
</FilesMatch>

# Disallow listing
Options -Indexes
