diff --git a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
index f572f250..217b697b 100644
--- a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
+++ b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
@@ -66,9 +66,9 @@ Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains
 # for ACME challenges, security.txt, and other standardized endpoints.
 # https://www.rfc-editor.org/rfc/rfc8615
 # https://github.com/h5bp/server-configs-apache
-<DirectoryMatch "/\.(?!well-known/)">
+<LocationMatch "/\.(?!well-known/)">
     Require all denied
-</DirectoryMatch>
+</LocationMatch>
 
 # Block access to files that may expose sensitive information
 # Based on H5BP server configs: https://github.com/h5bp/server-configs-apache