The Note You're Voting On
nick dot hristov at gmail dot com ¶12 years ago
A correction to previous post by Dave Mink.
<Files ~ "\.inc$">
Order allow,deny
Deny from all
Satisfy All
</Files>
Will not stop something like
http://www.yourserver.com/includefile.inc?pointlessvar=blahblah
Here is something more sophisticated for this task:
<Location ~ "/[^ ](?=\.inc(\?[^ ]*)?)/">
Options None
Order Allow, Deny
Deny from All
AllowOverride None
Satisfy All
</Location>
Also, consider placing in your httpd.conf
<Location ~ "/[^ ](?=\.phps(\?[^ ]*)?)/">
Options None
Order Allow, Deny
Deny from All
AllowOverride None
Satisfy All
</Location>
