diff --git a/admin/woocommerce-admin-functions.php b/admin/woocommerce-admin-functions.php
index b84fd87222e..52841f90284 100644
--- a/admin/woocommerce-admin-functions.php
+++ b/admin/woocommerce-admin-functions.php
@@ -9,6 +9,36 @@
 * @author WooThemes
 */

+/**
+ * Checks which method we're using to serve downloads
+ *
+ * If using force or x-sendfile, this ensures the .htaccess is in place
+ */
+function woocomerce_check_download_folder_protection() {
+ $upload_dir = wp_upload_dir();
+ $downloads_url = $upload_dir['basedir'] . '/woocommerce_uploads';
+ $download_method = get_option('woocommerce_file_download_method');
+
+ if ($download_method=='redirect') :
+
+ // Redirect method - don't protect
+ if (file_exists($downloads_url.'/.htaccess')) :
+ unlink( $downloads_url . '/.htaccess' );
+ endif;
+
+ else :
+
+ // Force method - protect, add rules to the htaccess file
+ if (!file_exists($downloads_url.'/.htaccess')) :
+ if ($file_handle = fopen( $downloads_url . '/.htaccess', 'w' )) :
+ fwrite($file_handle, 'deny from all');
+ fclose($file_handle);
+ endif;
+ endif;
+
+ endif;
+}
+
 /**
 * Deleting products sync
 *
diff --git a/admin/woocommerce-admin-hooks.php b/admin/woocommerce-admin-hooks.php
index 1857ac2ab4e..579f9ecc00f 100644
--- a/admin/woocommerce-admin-hooks.php
+++ b/admin/woocommerce-admin-hooks.php
@@ -16,6 +16,7 @@ add_action('delete_post', 'woocommerce_delete_product_sync', 10);
 add_action('admin_init', 'woocommerce_preview_emails');
 add_action('admin_init', 'woocommerce_prevent_admin_access');
 add_action('admin_init', 'install_woocommerce_redirect');
+add_action('woocommerce_settings_saved', 'woocomerce_check_download_folder_protection');

 /** Filters ***************************************************************/

diff --git a/admin/woocommerce-admin-settings.php b/admin/woocommerce-admin-settings.php
index 9054058707d..af5845442e0 100644
--- a/admin/woocommerce-admin-settings.php
+++ b/admin/woocommerce-admin-settings.php
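Review bot: The protect branch of `woocomerce_check_download_folder_protection()` fails open: when `fopen( $downloads_url . '/.htaccess', 'w' )` returns false (folder missing or not writable) nothing is reported, so an admin who chose the force or x-sendfile method gets no sign that `woocommerce_uploads` is still directly readable. An existing `.htaccess` is also accepted as-is without checking that it contains the deny rule, and `deny from all` only takes effect on an Apache server that honours `.htaccess` overrides. I would add an `else :` to the `fopen` check that records the failure so it can be shown as an admin notice, and extend the docblock with a line such as `* Note: relies on Apache .htaccess support; other web servers need an equivalent deny rule configured by hand.` Smaller points: `$downloads_url` holds a filesystem path built from `basedir`, so `$downloads_path` would read better, and the function name is spelled `woocomerce_` while the other callbacks use `woocommerce_`.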
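Review bot: Hooking the check only to `woocommerce_settings_saved` means the `.htaccess` is first written when an admin saves settings, not when the plugin is installed or updated. A site already set to the force or x-sendfile method therefore stays unprotected until then, unless some code path not visible in this diff also calls the function. Consider calling it from the install/upgrade routine as well. A short comment above the line, such as `// Re-sync the downloads folder .htaccess with the chosen download method`, would explain why a filesystem write hangs off a settings save.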
@@ -970,6 +970,8 @@ function woocommerce_settings() { if (isset($_GET['saved']) && $_GET['saved']) : echo '
' . __( 'Your settings have been saved.', 'woothemes' ) . '