From a79f9201cd3ddb1573bcb1dfedf5e44407bb75d8 Mon Sep 17 00:00:00 2001
From: An Phan <an@construct.sg>
Date: Sun, 1 Feb 2015 12:31:23 +0800
Subject: [PATCH] Added "Deny Access to Backup and Source Files"

---
 README.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/README.md b/README.md
index 81c5c4d..cc2d4cc 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,7 @@ A collection of useful .htaccess, all in one place. I decided to create this rep
     - [Deny All Access Except Yours](#deny-all-access-except-yours)
     - [Allow All Access Except Spammers'](#allow-all-access-except-spammers)
     - [Deny Access to Hidden Files and Directories](#deny-access-to-hidden-files-and-directores)
+    - [Deny Access to Backup and Source Files](#deny-access-to-backup-and-source-files)
     - [Disable Directory Browsing](#disable-directory-browsing)
     - [Disable Image Hotlinking](#disable-image-hotlinking)
     - [Password Protect a Directory](#password-protect-a-directory)
@@ -119,6 +120,17 @@ RewriteCond %{SCRIPT_FILENAME} -f
 RewriteRule "(^|/)\." - [F]
 ```
 
+### Deny Access to Backup and Source Files
+These files may be left by some text/html editors (like Vi/Vim) and pose a great security danger, when anyone can access them.
+``` apacheconf
+<FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$">
+    Order allow,deny
+    Deny from all
+    Satisfy All
+</FilesMatch>
+```
+[Source](http://h5bp.com)
+
 ### Disable Directory Browsing
 ``` apacheconf
 Options All -Indexes