You can prevent unauthorized access to your htaccess file by adding this rule to the file:# .htaccess protection order allow, deny deny from all satisfy all