Home/ Questions/Q 8588267
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T22:46:00+00:00

I researched for this quite a long time, but could not find proper answer.

  • 0

I researched for this quite a long time, but could not find proper answer.
I am using Free PHP Hosting website which is provided by 000webhost.com.
I have a .htaccess in public_html folder given by them.
directory structure has sub-directory such as includes which I dont want the users to if they directly go to URL, It should say Forbidden - 403.

I do not want .htaccess in every sub-directory where I do not want allow access.
I read somewhere that .htaccess can change behavior of all the subdirectories and itself.

I know performance wise it is not a good option, but I do not have access to httpd.conf.

I think on SO there are some answers which tells me this :
1. move those subdirectories outsides the public_html (do not want to do that)
2. create .htaccess for every subdirectories and denying access (which is pain and not a scalable solution)
3. Use rewrite rules (Could be a solution not sure)
I hope someone can understand and help me out.

Thanks a lot.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Really, the most secure solution is to move those directories outside the DocumentRoot. However, you can easily add rewrite rules in your one .htaccess to forbid access:

    RewriteEngine On
# Group many forbidden directories as (a|b|c|d)
RewriteRule ^(include|otherforbidden|someotherone) - [F]

    Unless you have dozens of directories downstream to manage though, I don’t see a big problem with dropping a directory-specific .htaccess in each.

    • 0