</IfModule>
</Directory>
+# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
+<Files ".ht*">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</Files>
+
+# Prevent backup files from being viewed, too.
+<Files "*~">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</Files>
+
#
# This should be changed to whatever you set DocumentRoot to.
#