Translations:Manual:Security/74/en

A more secure option for the Apache Web Server is to set the  to an empty or non-existent directory, and then use $alias directives in the Apache configuration to expose only the scripts and directories that need to be web-accessible.