How do I block direct access to critical files using .htaccess?

Critical files, Let say configuration.php file for Joomla
1. Make a backup copy of your .htaccess file. Use your backup file to recover if the following fails. Be sure to delete the backup file once you are finished.
2. Add the following to your .htaccess file. This example will protect the configurtation.php file.

<filesMatch "configuration.php">
Order allow,deny
Deny from all

Magic Trick: Allow/Prevent Directory Browsing

Most servers are configured so that directory browsing is not allowed, that is if people enter the URL to a directory that does not contain an index file they will not see the contents of the directory but will instead get an error message. If your site is not configured this way you can prevent directory browsing by adding this simple line to your .htaccess file:

Page 4 of 41234

Pin It on Pinterest