The htaccess examples already cover things like the error log and the backups directory.
File attachments should also be added to this list, so that all access to the attachments can be funnelled through PHP without any way to sneak around it.
File attachments should also be added to this list, so that all access to the attachments can be funnelled through PHP without any way to sneak around it.