[contribution] KISS FileSafe ( file security ) in General Add-Ons Support Posted March 14, 2011 Hello all, Question; the .htaccess changes referred to in the install notes. php_flag engine off <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> deny from all </Files> I looked into the current .htaccess file in 'images' - as an example and noted that it is similar to what has been suggested should be in there; # $Id$ # # This is used to restrict access to this folder to anything other # than images # Prevents any script files from being accessed from the images folder <FilesMatch "\.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$"> Order Deny,Allow Deny from all </FilesMatch> If using File Safe, should we delete the current .htaccess content and replace with the KISS File Safe version, or copy it beneath the original? As well, apart from the image / cache directories, which others should be amended in this way.