Hello all,

I have searched for this in the forum but have found nothing so I am starting a new thread. I wanted your opinions on which you think is the best/most professional way to keep files safe from users; placing them in a directory above root or restricting access with .htaccess any why.

thank you all for your answers