Zosimas
Reputation: 508
Deny access to directory with .htaccess
I want to protect a directory and the php files in it, from direct web access through an .htaccess file like this:
IndexIgnore *
<Files ~ "\.(php)$">
order allow,deny
deny from all
</Files>
but I want to be able to send ajax requests from a javascript file to those php files an get a result. Is this possible?
Upvotes: 1
Views: 926
Answers (1)
Jesse van Assen
Reputation: 2290
You can only allow POST-requests. Accessing the page from the browser results in an error code, but posting from ajax works. See here.
Note: this qualifies as security through obscurity. If someone looks at your javascript, they'll find out how to get the page results.
Upvotes: 3
Related Questions
- Stop direct access to all files in a folder, but allow ajax requests
- Protect ajax files from direct call using htaccess
- deny all traffic except a php file .htaccess
- .htaccess to deny directory access
- Deny external access to php files
- Modify .htaccess to deny access into folder, but allow access only from my site using ajax to specific files
- How to deny direct access to files in AJAX directory
- Prevent access to php files (folder) with .htaccess EXCEPT for XMLHttpRequest
- Deny ajax file access using htaccess
- How to deny ajax PHP files from browser