How do I block direct web access to important Joomla files using .htaccess file?

Knowledge Base Article

How do I block direct web access to important Joomla files using .htaccess file?

Protecting the critical Joomla files from being accessed directly over the web is an essential aspect of your website’s security.

Add this code to your .htaccess file in order to protect your Joomla’s configuration.php file and your .htaccess file from direct access via web:

<FilesMatch "configuration.php">
Order allow,deny
Deny from all
</FilesMatch>
<Files .htaccess>
order allow,deny
deny from all
</Files>

Rating

Views

Recommended PHP settings for Joomla additional security		3689
File permissions based security issues in Joomla		2656
How to check the security and health of my Joomla installation?		2344
How do I restrict access to sensitive Joomla directories by IP address?		1998
How do I move important Joomla files outside public_html?		1839