I want to hide files ending with ".tpl" and ".conf"
from client access (but I still want server access to them).
How can I do it?
With Apache httpd, I can use "Files" directive to
match those files and deny the client access.
What if I can't modify httpd.conf and I can use .htaccess?
How about IIS?