id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
13578	Hack to prevent project files (passwords, etc.) from being served by some Apache (RFE)	JonathanHayward	nobody	"For http://docs.djangoproject.com/en/dev/intro/tutorial01/#creating-a-project , users are strongly advised to store project files outside the directories served up by a server.

I'm not sure whether this should be advised in the documentation, but for Apache, if AllowOverride is enabled as it often is, a .htaccess file that contains a syntax error will cause an error page to be displayed on attempted access. If such a .htaccess file is included, there is an extra layer of protection. (This could be advised in the documentation or include in startproject).

Jonathan, http://JonathansCorner.com"		closed	Documentation	1.1		wontfix			Unreviewed	0	0	0	0	0	0