# The installer itself (index.php) needs to stay accessible - it's what
# runs before anything else on the site is configured. This just blocks
# direct access to the lock file itself (which only contains an install
# timestamp, nothing sensitive, but no reason to expose it either).
<IfModule mod_authz_core.c>
  <FilesMatch "\.lock$">
    Require all denied
  </FilesMatch>
</IfModule>
<IfModule !mod_authz_core.c>
  <FilesMatch "\.lock$">
    Order allow,deny
    Deny from all
  </FilesMatch>
</IfModule>
