Make backup & source file blocking work with v2.3+

As of Apache v2.3, the `Order`, `Allow` & `Deny` directives are replaced
by `Require`, making the Apache v2.2.x configuration not compatible with
Apache v2.3+: http://httpd.apache.org/docs/trunk/upgrading.html#access.

This patch enables the correct syntax for both Apache v2.2.x & v2.3+, by
checking for the presence of the `mod_authz_core` base module (available
only in Apache v2.3 and later).

See also: http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html

Close #5 and #6.

Author: endelwar

.htaccess

@@ -306,9 +306,17 @@ AddDefaultCharset utf-8
 # danger when anyone has access to them.
 
 <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$">
-    Order allow,deny
-    Deny from all
-    Satisfy All
+    # Apache < 2.3
+    <IfModule !mod_authz_core.c>
+        Order allow,deny
+        Deny from all
+        Satisfy All
+    </IfModule>
+
+    # Apache ≥ 2.3
+    <IfModule mod_authz_core.c>
+        Require all denied
+    </IfModule>
 </FilesMatch>
 
 # ------------------------------------------------------------------------------

CHANGELOG.md

@@ -1,5 +1,6 @@
 ### HEAD
 
+* Fix backup and source file blocking for Apache v2.3+ ([#5](https://github.com/h5bp/server-configs-apache/issues/5)).
 * Remove filename extension to content type mappings that are already provided by Apache v2.2.0+ ([#4](https://github.com/h5bp/server-configs-apache/issues/4)).
 * Improve inline comments.
 * Remove `screen flicker` fix required by IE 6 ([#3](https://github.com/h5bp/server-configs-apache/issues/3)).