To add, I tried with a file called ".test.ini" and the following rule:
RewriteRule ^/\.test\.ini$ - [F,L,NC]
And this worked. Use equivalent rule for a file called ".user.ini" and it doesn't. Maybe something significant about the ".user.ini" filename in the code?
OK, newbie question here. I have a file called .user.ini created by the Wordpress "Wordfence" plugin. Wordfence is complaining this file (which it created) is accessible.
So the external address of the fuile would be:
https://mysite.com/.user.ini
I've tried blocking it using a RewriteRule (in...