Usually, you might have a simple rule to prevent users from accessing sensitive files such as “.htaccess
“, that rule might look like:
<FilesMatch "^\.ht">
Order deny,allow
Deny from all
Satisfy all
</FilesMatch>
You can also use this capability to prevent other file extensions. For example, if you wanted to block common image formats extensions, you might add the following:
<FilesMatch "\.(gif|png|jpg|ico)$">
Order allow,deny
Deny from all
Satisfy all
</FilesMatch>
Some other file extensions to consider,
*.bak, *.old, *.inc
REFERENCES: