Problem: Restricting Access to Specific Folders
Controlling access to certain folders on a website is a security requirement. The .htaccess file lets you manage this access at the server level, giving you control over who can view or interact with specific directories.
Solution: Using .htaccess to Deny Folder Access
Creating a .htaccess File
To restrict access to the "includes" folder, find it in your website's directory. Create a new .htaccess file inside it. Use a text editor to make a new file and save it as ".htaccess" (with the dot at the start).
Tip: Hidden File Visibility
On some operating systems, files starting with a dot are hidden by default. If you can't see your .htaccess file after creating it, you may need to enable "Show hidden files" in your file explorer settings.
Implementing the Deny Directive
Open the new .htaccess file and add this line:
Deny from all
This tells the server to deny access to all users who try to access the folder directly through a URL. If someone tries to view the "includes" folder contents by typing "localhost/site/includes" in their browser, they'll get a "403 Forbidden" error instead of seeing the directory contents.
The "Deny from all" rule blocks access to the folder and its contents. It stops direct URL manipulation and helps protect your files and directories from unauthorized access.