connect example .env file exposed (!) - include a .htaccess to hide deny

[yosun]

I like the web js flow that makes payment easy (so that indie devs can focus on building the main app logic), but it seems that if someone quickly deploys, the .env file is exposed. Please include a default .htaccess that protects the env file

.htaccess

# Disable index view
Options -Indexes

# Hide a specific file
<Files .env>
    Order allow,deny
    Deny from all
</Files>