How to Deny Direct Access to .PHP Files Besides index.php Using .htaccess?

Deny Direct Access to All .PHP Files Except for index.php

You aim to restrict direct access to all .php files in a specific directory and its subdirectories, with the exception of index.php. You want to ensure all other .php files are only accessible through PHP includes.

Here's a solution to achieve this using .htaccess:

Order Deny,Allow
Deny from all
Allow from 127.0.0.1

<Files /index.php>
    Order Allow,Deny
    Allow from all
</Files>

The first directive denies access to all files from all sources except localhost. The second directive specifically targets index.php and allows access to it from all sources.

Tips:

• Ensure that mod_access is installed in Apache.
• Remove any spaces after commas in the Order line.
• To allow access to specific file types like CSS or JS, use FilesMatch directives within the .htaccess file.
• For Apache 2.4, use the syntax "Require all denied" instead of "Deny from all."

The above is the detailed content of How to Deny Direct Access to .PHP Files Besides index.php Using .htaccess?. For more information, please follow other related articles on the PHP Chinese website!