# Block direct HTTP access to the local secret file (PHP include still works from disk).
<Files "creative-fraud-config.local.php">
    Require all denied
</Files>
