# deny *everything*
<FilesMatch ".*">
    # Apache 2.2
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
    # Apache 2.4
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
</FilesMatch>

# but now allow just *certain* necessary files:
<FilesMatch ".*\.(js|JS|css|CSS|jpg|JPG|gif|GIF|png|PNG|swf|SWF|xsl|XSL|php|svg)$">
    # Apache 2.2
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Allow from all
    </IfModule>
    # Apache 2.4
    <IfModule mod_authz_core.c>
        Require all granted
    </IfModule>
</FilesMatch>

Options -Indexes
