diff --git a/config/.htaccess b/config/.htaccess
new file mode 100644
index 0000000..b66e808
--- /dev/null
+++ b/config/.htaccess
@@ -0,0 +1 @@
+Require all denied
diff --git a/incl/.htaccess b/incl/.htaccess
new file mode 100644
index 0000000..b66e808
--- /dev/null
+++ b/incl/.htaccess
@@ -0,0 +1 @@
+Require all denied
diff --git a/incl/util.php b/incl/util.php
index 3c7aec0..e11c555 100644
--- a/incl/util.php
+++ b/incl/util.php
@@ -27,17 +27,21 @@ function getClientVersion() {
 function encrypt($plainText) {
 include __DIR__.'/../config/encryption.php';
+ $key = $SERVER_SEND_TRANSFER_KEY_SPECIFIC[getClientVersion()];
+ if ($key == null) return;
 $iv = random_bytes(16);
- $cipher = openssl_encrypt($plainText, 'aes-256-cbc', $SERVER_SEND_TRANSFER_KEY_SPECIFIC[getClientVersion()] ?? $SERVER_SEND_TRANSFER_KEY, OPENSSL_RAW_DATA, $iv);
+ $cipher = openssl_encrypt($plainText, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
 return base64_encode($iv . $cipher);
 }
 function decrypt($dataB64) {
 include __DIR__.'/../config/encryption.php';
+ $key = $SERVER_RECEIVE_TRANSFER_KEY_SPECIFIC[getClientVersion()];
+ if ($key == null) return;
 $data = base64_decode($dataB64);
 $iv = substr($data, 0, 16);
 $cipher = substr($data, 16);
- $decrypted = openssl_decrypt($cipher, 'aes-256-cbc', $SERVER_RECEIVE_TRANSFER_KEY_SPECIFIC[getClientVersion()] ?? $SERVER_RECEIVE_TRANSFER_KEY, OPENSSL_RAW_DATA, $iv);
+ $decrypted = openssl_decrypt($cipher, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
 if ($decrypted === false) {
 exit(encrypt('-997'));
 }
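Review bot: `Require all denied` in config/.htaccess only protects the directory when the server is Apache 2.4+ and `AllowOverride` permits AuthConfig there; where .htaccess is ignored (overrides disabled, or a non-Apache front end) the directory stays reachable and nothing signals that the rule is inactive. The same applies to incl/.htaccess in the next hunk. I would document the dependency in the file itself, e.g. a leading comment `# Apache 2.4+; requires AllowOverride AuthConfig. Prefer keeping config/ outside the web root.`, and add a deployment check that a request for config/encryption.php is answered with 403.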
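Review bot: The new lookup `$SERVER_SEND_TRANSFER_KEY_SPECIFIC[getClientVersion()]` in encrypt(), and the matching `$SERVER_RECEIVE_TRANSFER_KEY_SPECIFIC[...]` lookup in decrypt(), drops the `??`, so an unrecognised client version raises an undefined-array-key warning before the null check runs; `$key = $SERVER_SEND_TRANSFER_KEY_SPECIFIC[getClientVersion()] ?? null;` keeps the guard quiet. The bare `return;` then hands null to the caller: in decrypt() this adds a silent failure mode beside the existing `exit(encrypt('-997'))` path, and when encrypt() has no key that exit call presumably sends an empty response, so either the callers outside this hunk must check for null or the guard should fail closed explicitly. `== null` also matches `''` and `0`; if rejecting empty keys is intended, say so in a comment such as `// no key configured for this client version: refuse rather than fall back`, otherwise use `=== null`. The context lines still use AES-CBC with no integrity check over `$iv . $cipher`, which is worth a follow-up (an authenticated mode, or an HMAC verified before decrypting); decrypt() continues past the end of the hunk.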