diff --git a/ChangeLog b/ChangeLog
index 7d97fed34..bb122d869 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,8 @@ $Source$
     * libraries/common.lib.php, /session.inc.php, /url_generating.lib.php:
       security fixes (announcement will come later),
       thanks to Sebastian Mendel and Stefan Esser
+    * libraries/.htaccess: remove potential vulnerability (allow from none),
+      thanks to Michael Heimpold
 
 2006-09-22 Marc Delisle  <lem9@users.sourceforge.net>
     * libraries/tbl_properties_links.inc.php: bug #1560152, 
diff --git a/libraries/.htaccess b/libraries/.htaccess
index 47f32f26b..56baee608 100644
--- a/libraries/.htaccess
+++ b/libraries/.htaccess
@@ -1,4 +1,3 @@
 # This folder does not require access over HTTP
-Order deny,allow
-Deny from all
-Allow from none
+# (the following directive denies access by default)
+Order allow,deny