To not allow any dot files or directories (hidden in unix) to be seen if they are in a directory available to the webserver, add the following to the httpd.conf file.
# The following lines prevent any .files from being viewed by web clients.
<Files ~ "^\.">
Order allow,deny
Deny from all
</Files>
We don’t really have any hidden files (like .svn) on our website, but this should protect us in case someone accidentally puts on there.