I’m trying to deny direct access to a couple of php files that are includes in a contact for and another page. I’d like to have a custom “Forbidden” message/page show if possible. I’ve had a search around the web and found the following:
http://khalil-shreateh.com/khalil.shtml/index.php/websites/websites-development/106-best-5-ways-to-prevent-direct-access-to-a-php-file.html?showall=1
http://stackoverflow.com/questions/9282124/deny-direct-access-to-a-folder-and-file-by-htaccess
http://stackoverflow.com/questions/409496/prevent-direct-access-to-a-php-include-file
http://community.sitepoint.com/t/preventing-direct-access-to-included-files/23215/8
I then contacted Stablehost in hopes they could tell me the best approach. Answers received thus far are:
1) In order to show “Forbidden” message to those file, you can set file permissions to 000 from cPanel > File manager.
2) Setup “Password-protection” for your directory so that if anyone access the file in that folder will ask for password.
This seems different than what the links say, so which is best/correct?
I’m very new to this and apprehensive about messing with the .htaccess file or making any other changes to pages until I get a consistent answer.
Any help would be greatly appreciated.