In my former life, I had a directory inside my Web Root called config, and inside that directory had a .htaccess file with this code...

deny from all

My understanding was that code would prevent someone from accessing/opening any files in my config directory.

Since then, I have eliminated that folder, and moved my config.php file outside of the Web Root to a directory called outside_web_root.

Does having a .htaccess file - with that same code - in my new outside_web_root directory serve any purpose now??

The goal being that I want to make it as difficult as possible for hackers to go where they shouldn't!!

Hope that makes sense?!