Is it reasonable to further tighten security by adding another .htaccess file to the /media directory, with something like
Options -ExecCGI AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
The problem is that I somehow found myself hacked, with a file called `thumbs_up.php` in my /media directory, if I opened it - it was a file manager that allowed access to me directories.
With such a .htaccess file in place - executing PHP scripts (or other flavours of scripts) would be prohibited.
1. Is this a good idea?
2. Does it have side effects?
3. How about including it in b2evo out of the box?