after having installed and configured the plugin BulletProof Security, and set it up as recommended, and specially after having setup the permissions to sensible files at 400, I couldn't visit the site any more. In fact the server returned a 403 error.
I fixed the problem setting up the permission for the file
.htaccess back at 644, and not 400 as recommended.
My question now is, what exactly is the difference in terms of security in having to keep the .htaccess file visible to the World? And why the recommended setting put the entire site down, instead?
Thanks in advance,