deny direct access to a folder and file by htaccess

Here is the scenario:

  • There is a index.php file in root folder
  • some files are included in index.php which are in the includes folder.
  • 1 other file (submit.php) is in the root folder for form submit action.

I want to restrict direct user access to the files in includes folder by htaccess. also for submit.php. But include will work for index.php file.
Like, if user types www.domain.com/includes/somepage.php, it will restrict it (may be redirect to a error page).


Answer

I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just:

deny from all

That way you cannot open any file from that folder, but you can include them in php without any problems.

Leave a Reply

Your email address will not be published. Required fields are marked *