Translations:Manual:Security/196/en

You should also instruct browsers to not "sniff" files by setting a $1 header.