glassfish Posted October 25, 2014 Share Posted October 25, 2014 (edited) I have around 14 script files for an admin page. I am looking to block the access to 10 of them with .htaccess, so they can not get called up through the URL with the web browser, by for example guessing the name. <Files index.php> Order Allow,Deny Allow from all </Files> How to set up, so I can have "those" 10 files in there? Also, when comes to having an admin page and blocking the access to "those" script files is this the proper way to do it? I would appreciate the suggestions a lot! Edited October 25, 2014 by glassfish Quote Link to comment Share on other sites More sharing options...
jcbones Posted October 25, 2014 Share Posted October 25, 2014 If you don't want them called by a url, then why not move them above the public html files? Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 25, 2014 Share Posted October 25, 2014 Easiest way would be to move the files outside of your sites root folder. Files outside of the root folder will not be accessible from a URL. This will not prevent PHP from accessing files. Or place a .htaccess file inside the folders you don't want allow access to with the following Deny from all Quote Link to comment Share on other sites More sharing options...
glassfish Posted October 25, 2014 Author Share Posted October 25, 2014 If you don't want them called by a url, then why not move them above the public html files? I have read this before, I am not quite understanding this. If I have the "*.php" files inside the following folder with XAMPP: htdocs/gallerysite/ To where do I move those files then? Quote Link to comment Share on other sites More sharing options...
glassfish Posted October 25, 2014 Author Share Posted October 25, 2014 Easiest way would be to move the files outside of your sites root folder. Files outside of the root folder will not be accessible from a URL. This will not prevent PHP from accessing files. Or place a .htaccess file inside the folders you don't want allow access to with the following Deny from all Thanks for the answer, I will try that in a minute. I will try to have "those" script files inside an "includes" folder. Can I just have that "line" you have there inside the ".htaccess" file and nothing else to it? Quote Link to comment Share on other sites More sharing options...
jcbones Posted October 25, 2014 Share Posted October 25, 2014 Yes, just that line in a .htaccess file will work.As for the first question, above the htdocs folder. example /home/myfile/htdocs/gallerysite you could store in any folder in /home/myfile and no one would be able to call it with a url, because a url automatically points to the htdocs folder. The server still has access to all folders though. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.