Menu
Just add a . htaccess file with the code Deny from all to the folder.
If you want to restrict access to files, you should consider storing them outside the public DocumentRoot and using PHP to deliver the file, applying your own access logic. This means outside the www or public_html folders, depending on the hosting environment you are working with.
I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just:
deny from all
That way you cannot open any file from that folder, but you can include them in php without any problems.
This is pure mod_rewrite based solution:
RewriteRule ^(includes/|submit\.php) - [F,L,NC]
This will show forbidden error to use if URI contains either /includes/ or /submit.php
It's possible to use a Files directive and disallow access to all files, then use it again to set the files that are accessible:
<Files ~ "^.*">
Deny from all
</Files>
<Files ~ "^index\.php|css|js|.*\.png|.*\.jpg|.*\.gif">
Allow from all
</Files>
1 liner mod_alias based solution :
RedirectMatch 403 ^/folder/file.php$
This will show forbidden error for /folder/file.php
If I understand correctly you just want to deny access to the includes folder?
An .htaccess with a 'DENY FROM ALL' directive placed in the includes folder would do the trick.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With