</IfModule>
</Directory>
-# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
-<Files ".ht*">
+# Prevent access to:
+# - .htaccess and .htpasswd files
+# - backup files from being viewed
+# - PHP's .user.ini
+<FilesMatch "^(\.ht.*|\.user\.ini|.*~|.*,v)$">
<IfModule mod_authz_host.c>
Require all denied
</IfModule>
Order deny,allow
Deny from all
</IfModule>
-</Files>
+</FilesMatch>
-# Prevent backup files from being viewed, too.
-<Files "*~">
+# Prevent access to:
+# - version control directories
+<DirectoryMatch "/(\.(svn|git|hg|bzr)|CVS)/?">
<IfModule mod_authz_host.c>
Require all denied
</IfModule>
Order deny,allow
Deny from all
</IfModule>
-</Files>
+</DirectoryMatch>
#
# This should be changed to whatever you set DocumentRoot to.