Index: branches/5.0.x/tools/.htaccess
===================================================================
diff -u -r12258 -r12428
--- branches/5.0.x/tools/.htaccess (.../.htaccess) (revision 12258)
+++ branches/5.0.x/tools/.htaccess (.../.htaccess) (revision 12428)
@@ -1,30 +1,49 @@
-###### Search Engine Friendly URLs ######
-
-# Uncomment line below if FollowSymLinks option is not enabled by default in server configuration
-#Options +FollowSymLinks
-RewriteEngine On
-
-#RewriteBase /
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME}/ !-f
-RewriteCond %{REQUEST_FILENAME}/index.php !-f
-RewriteCond %{REQUEST_FILENAME}/index.html !-f
-RewriteCond %{REQUEST_URI} !\.(gif|jpg|png|js|css|ico|swf)$ [NC]
-RewriteRule ^(.*) index.php?rewrite=on&_mod_rw_url_=$1 [QSA]
-
-
-###### Security ######
+### File security
+# Exclude direct access to tpl, tpl.xml, inc.php, sql extensions
+#
order allow,deny
deny from all
-
+# Exclude direct access
+
order allow,deny
deny from all
-
- order allow,deny
- deny from all
-
+## Enable mod-rewrite
+RewriteEngine On
+
+###### Rewrite rules to block common hacks
+## If you experience problems comment out the operations listed below
+## Block out any script trying to base64_encode crap to send via URL
+RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
+## Block out any script that includes a