Disallow direct php file access
<Files *.php> Order Deny,Allow Deny from all Allow from 127.0.0.1 </Files> <Files index.php> Order Allow,Deny Allow from all </Files>