diff --git a/_.htaccess b/_.htaccess
index b0b4960975d7c3e401d8a1ca4a2d0baa2e61582d..c1198a198efd3aade284f5d7fe79a224764ae4bf 100644
--- a/_.htaccess
+++ b/_.htaccess
@@ -282,7 +282,9 @@ AddDefaultCharset utf-8
 	RewriteRule ^(vendor|typo3_src) - [F]
 	RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
 
-	# Access block for files or folders starting with a dot
+	# Block access to all hidden files and directories with the exception of
+	# the visible content from within the `/.well-known/` hidden directory (RFC 5785).
+	RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
 	RewriteCond %{SCRIPT_FILENAME} -d [OR]
 	RewriteCond %{SCRIPT_FILENAME} -f
 	RewriteRule (?:^|/)\. - [F]