The plugin blocks browser navigation to a directory, but not to the files within it. If an attacker knows the asset's filename, he can still view and download it. Makes this plugin useless to me and I think to pretty much anyone, since a filename can be viewed in the source anytime it's embedded in a user-facing view.
You must log in to submit a review. You can also log in or register using the form near the top of this page.