# Deny all requests from Apache 2.4+.
    <IfModule mod_authz_core.c>
      Require all denied
    </IfModule>
    
    # Deny all requests from Apache 2.0-2.2.
    <IfModule !mod_authz_core.c>
      Deny from all
    </IfModule>
    
    # Turn off all options we don't need.
    Options None
    Options +FollowSymLinks
    
    # Set the catch-all handler to prevent scripts from being executed.
    # This is borrowed from Drupal SA-2006-006
    SetHandler FlightPath_Security_Do_Not_Remove_See_SA_2006_006
    <Files *>
      # Override the handler again if we're run later in the evaluation list.
      # This is borrowed from Drupal SA-2006-006
      SetHandler FlightPath_Security_Do_Not_Remove_See_SA_2006_006
    </Files>
    
    # If we know how to do it safely, disable the PHP engine entirely.
    <IfModule mod_php5.c>
      php_flag engine off
    </IfModule>