You also have one for php5.ini ?
deny from all
This code you can use for any file you which to block access. The .htaccess file can be used in various methods to secure your website. However with the use of FTP (File Transfer Protocol) connections, you can access any file as the .htaccess file does not safe guard against ftp access.
Changing file permissions really doesn't do much of anything to protect yourself from hackers. You can set the file permissions to 000 - no rights at all. If I have access to the file system I can issue a chmod command to change the permissions to any setting I want, including 777 which is full rewrite and execute permissions.
The "deny all" .htaccess to deny access to a particular file has the same pitfall. If a hacker gains access to your file system. Then the hacker can access your files and can change the contents of the .htaccess file, change permissions and can destroy files, rewrite code and hack all your files.The best protection
-- Is to always keep your web content up to date. Be careful of which plugins and components you install and --- ALWAYS --- Backup your web content.
Never rely on your hosting provider to do your backups for you. Do your own backups and store them offline where you can restore a backup if needed.http://docs.joomla.org/Securityhttp://docs.joomla.org/Category:Security_Checklisthttp://docs.joomla.org/Vulnerable_Extensions_List
Do not use anything on the Joomla Vulnerability list that shows up as "Red". If you can, avoid adding too many components. If you can get by without a particular plugin, it is better than expanding your potential php vulnerability.
Check your back-end updates of Joomla, components and plugins. As well as any other php script on your hosting account.
One php vulnerability that grants access to the file system is all that is needed to get your site hacked.
- Web Design - Joomla 3.xhttp://www.genealogyarticles.com
- Articles about Genealogy - Joomla 2.5.x