diff --git a/.htaccess b/.htaccess
index 704779e2e..2bc9f95ea 100644
--- a/.htaccess
+++ b/.htaccess
@@ -29,6 +29,9 @@ php_value mbstring.func_overload 0
RewriteEngine On
RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
+# security rules
+RewriteRule .svn/ - [F]
+RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
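Review bot: The alternation on the last added line is not grouped, so `^` binds only to `README` and `$` only to `CHANGELOG`. `INSTALL`, `LICENSE`, `SQL` and `bin` therefore match anywhere in the requested path and will forbid unrelated URLs that merely contain those strings, while `README` is matched only as a prefix. The `.` in `.svn/` is also an unescaped wildcard and the pattern is unanchored. I would write the three rules as `RewriteRule (^|/)\.svn(/|$) - [F]`, `RewriteRule ^(README|INSTALL|LICENSE|CHANGELOG)$ - [F]` and `RewriteRule ^(SQL|bin)(/|$) - [F]`. Matching is case-sensitive, so use `[F,NC]` if the docroot may sit on a case-insensitive filesystem.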
@@ -46,5 +49,4 @@ ExpiresDefault "access plus 1 month"
FileETag MTime Size
-
-
+Options -Indexes
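Review bot: `Options -Indexes` in a .htaccess only works where the server configuration grants `AllowOverride Options` (or `All`). On a stricter host Apache rejects the directive and requests typically fail with a 500 instead of just losing the hardening. A comment above it, such as `# disable directory listings (requires AllowOverride Options)`, would tell an installer what to check. The rest of the file lies outside this hunk, so an existing note there may already cover it.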
diff --git a/program/.htaccess b/program/.htaccess
new file mode 100644
index 000000000..4ad1b9d12
--- /dev/null
+++ b/program/.htaccess
@@ -0,0 +1,4 @@
+
+RewriteEngine On
+RewriteRule !^js|.*\.gif$ - [F]
+
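Review bot: The allow-list in `!^js|.*\.gif$` is looser than it reads, because `^js` admits any path that merely starts with "js", not only the `js/` directory, and everything beneath `js/` is served whatever its type. Per-directory rewrite rules in this file also replace the parent's unless `RewriteOptions Inherit` is set somewhere not shown, so the `.svn/` block added in the root .htaccess would not apply here and something like `js/.svn/` would stay readable if it exists in a deployment. I would tighten it to `RewriteRule (^|/)\.svn(/|$) - [F]` followed by `RewriteRule !^(js/|.*\.gif$) - [F]`. A short comment stating that everything in `program/` except static assets is meant to be forbidden would help the next editor keep the rule deny-by-default.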