diff --git a/assets/.htaccess b/assets/.htaccess
index ac6412a..f86e6e2 100644
--- a/assets/.htaccess
+++ b/assets/.htaccess
@@ -1,2 +1,33 @@
-RemoveHandler .php .phtml .php3 .php4 .php5 .inc
-RemoveType .php .phtml .php3 .php4 .php5 .inc
+#
+# Whitelist appropriate assets files.
+# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
+#
+# If you are not using Apache then you can ignore this file.
+# If you are using IIS then you should look at assets/web.config instead.
+#
+# To add an extension to the list, you need to put another string of the form "ext|" on the
+# FilesMatch line, inside the parentheses.
+#
+# For example, to add *.exe files to list of downloadable assets, change this line:
+#
+#
+ Allow from all
+
+
+# We disable PHP via several methods
+# Replace the handler with the default plaintext handler
+AddHandler default-handler php phtml php3 php4 php5 inc
+
+# Turn the PHP engine off
+php_flag engine off
+
diff --git a/assets/web.config b/assets/web.config
new file mode 100644
index 0000000..df26900
--- /dev/null
+++ b/assets/web.config
@@ -0,0 +1,97 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file