Ok Im about to do the actual job. I want to protect two folders, one is includes and the other is admin. How do I actually do it.
All files in includes starts with inc (like inc.mydb.php) and in admin they begin with admin (like admin.myadmin.php) except for index.php in admin folder.
Also I have folder editor which have my editor. I want to protect it too. So far I have created index.php and added a line to redirect to parent index file and die. Any suggestio/direction is welcomed!
There are several ways to choose from in this situation.
A passive way to deny access to both folders would be to put a .htaccess in the root of the main project and use the RewriteMatch directive. That would allow you to simply redirect anybody who tries to access anything in either of your protected directories to a location of your choosing.
RedirectMatch 301 /(includes|admin)/.* /
That redirects anybody from those directories over to the root of your project.
Or, you could go a more aggressive way and simply deny them access, returning a 403 "Forbidden" error. This is the same thing I posted earlier, which requires a separate .htaccess file into the target directory.
deny from all
That would deny all files in the directory.
If you want it more targeted, like just blocking admin.myadmin.php , you could do:
<Files ~ "^admin\..*\.php$">
deny from all