sonjay - 11:22 pm on Aug 2, 2004 (gmt 0)

If you can see the .htaccess file on the remote server via ftp, does your ftp program let you, say, duplicate it on the remote, rename it to eliminate the leading dot, and then download it? Or does your ftp program let you edit it directly on the server? Either one of those methods would give you access to it. (I'd prefer downloading over working on a live file, myself.)

The security gurus might be able to chime in here on the issue of ftp security, but I'm not aware of any security risk from just keeping an ftp connection open. As far as I know, FTP is only not very secure because it sends everything in the clear with no encryption. That's the case whether your connection is open for five minutes or five days. (Now, running an ftp server on your computer could definitely present a risk, but that's not what you're doing when you ftp in to a remote server.)