Here is the scenario:
index.php
file in root folderindex.php
which are in the includes
folder.submit.php
) is in the root folder for form submit action.I want to restrict direct user access to the files in includes
folder by htaccess. also for submit.php
. But include will work for index.php
file.
Like, if user types www.domain.com/includes/somepage.php
, it will restrict it (may be redirect to a error page).
I would just move the includes
folder out of the web-root, but if you want to block direct access to the whole includes
folder, you can put a .htaccess
file in that folder that contains just:
deny from all
That way you cannot open any file from that folder, but you can include them in php without any problems.