# Block direct HTTP access to internal helper files
<FilesMatch "^(auth|_header|_footer)\.php$">
    Order allow,deny
    Deny from all
</FilesMatch>
