PHP - how to prevent .php files from direct access

Question

i have following folders:

mywebsite/en/index.php
mywebsite/en/product/info.php
mywebsite/en/tags/tags.php
mywebsite/en/games/list.php

my site is running on friendly url, top mentioned files accessable from following friendly urls

mywebsite/en/?pageno=1
mywebsite/en/product/Nike-glove
mywebsite/en/tags/Nike
mywebsite/en/games/ice-sports

i have some examples, but nothing work for me like...i want to prevent direct access to .php files..i want to do that with htaccess...can i?

thanks and kind regards

Reelmark

Answer 1

The solution I've settled on is based on @Fou's answer, but I've modified it to handle the case of /script.php/oops and opted to rewrite the response code as 404 instead of using a temporary redirect:

RewriteCond %{THE_REQUEST} ^[A-Z]+\ /[^?\ ]*\.php[/?\ ]
RewriteRule .* - [R=404]

Answer 2

just add this into your htaccess file... give it a try :) hope it useful

RewriteEngine On
IndexIgnore *

Answer 3

add 404 page and try following...

RewriteCond %{THE_REQUEST} ^[A-Z]+\ /[^?\ ]*\.php[/?\ ]
RewriteRule .*\.php$ 404.php [L]

Answer 4

Not sure exactly sure what you are trying to accomplish, but this will prevent direct access of your php files:

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /[^\ ]+\.php($|\ )
RewriteRule \.php$ / [F,L]

Though I'm guessing you really want to redirect to the friendly urls when accessing the php files directly.

Answer 5

<Files ~ "\.php$">
Order allow,deny
Deny from all
</Files>