In Drupal, in addition to hosting in icdsoft,
i have a php.ini file and maybe a backup folder(i do not have) that do not want unaurotized access
use .htaccess to do the job as:
<Files ~ "php\.ini|install\.php">
Order allow,deny
Deny from all
</Files>
which block php.ini and install.php from access by anyone from web