There are several methods of accessing .HTACCESS files and here are the
ways to prevent access as such.
Apply Low Permissions (Ignore this since it requires root
The basic guidance for permissions is simple, the lower the number the
harder access becomes. Good rule of thumb is keep the number as low as
possible where the performance or functionality is not impacted. For most
users, setting it to 640 will grant level of access that you need.
Add .HTACCESS Directives
What’s important to note here is that this only works if the attack is
external. This won’t protect you from internal attacks (if entire cPanel
accout is hacked, for example)
This is the .htaccess directive you can use:
Order Deny, Allow
Deny from All
Note: This only protects the file from external access.
- Disable directory browsing
If you do not want to allow your visitors to browse through your entire
directory, simply add the piece of 2 lines in your .htaccess in the root
directory of your WordPress blog.
disable directory browsing
Options All –Indexes