-<IfModule mod_php5.c>
- <FilesMatch "\.ph(p3?|tml)$">
- SetHandler application/x-httpd-php
- </FilesMatch>
- <FilesMatch "\.phps$">
- SetHandler application/x-httpd-php-source
- </FilesMatch>
- # To re-enable php in user directories comment the following lines
- # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
- # prevents .htaccess files from disabling it.
- #<IfModule mod_userdir.c>
- # <Directory /home/*/public_html>
- # php_admin_value engine Off
- # </Directory>
- #</IfModule>
-</IfModule>
+<FilesMatch ".+\.ph(p[345]?|t|tml)$">
+ SetHandler application/x-httpd-php
+</FilesMatch>
+<FilesMatch ".+\.phps$">
+ SetHandler application/x-httpd-php-source
+ # Deny access to raw php sources by default
+ # To re-enable it's recommended to enable access to the files
+ # only in specific virtual host or directory
+ Order Deny,Allow
+ Deny from all
+</FilesMatch>
+# Deny access to files without filename (e.g. '.php')
+<FilesMatch "^\.ph(p[345]?|t|tml|ps)$">
+ Order Deny,Allow
+ Deny from all
+</FilesMatch>
+
+# Running PHP scripts in user directories is disabled by default
+#
+# To re-enable PHP in user directories comment the following lines
+# (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
+# prevents .htaccess files from disabling it.
+#<IfModule mod_userdir.c>
+# <Directory /home/*/public_html>
+# php_admin_flag engine Off
+# </Directory>
+#</IfModule>