Sign Up

Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.

Sign In

Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

You must login to ask a question.

Please briefly explain why you feel this question should be reported.

Please briefly explain why you feel this answer should be reported.

Please briefly explain why you feel this user should be reported.

Search

Ask A Question

0

Editorial Team

Asked: June 9, 20262026-06-09T15:39:33+00:00 2026-06-09T15:39:33+00:00

Through researching, I discovered two common techniques to prevent clients from accessing libraries directly

0

Through researching, I discovered two common techniques to prevent clients from accessing libraries directly with a browser:

Use .htaccess to keep them out
Define a constant and pass it to included files, included files then checks if the constant exists.

However, just keeping those files out of the document root seems sensible. Is there anything wrong with this approach?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team
2026-06-09T15:39:35+00:00Added an answer on June 9, 2026 at 3:39 pm
The best thing to do is keep it outside of your docroot. There is no reason to put includes in a directly HTTP-accessible place.

Some shared web hosts are poorly configured and don’t have this option, but most do, and you definitely have this choice on your own server or VPS.
0

Reply

Share
Share

Share on Facebook

Share on Twitter

Share on LinkedIn

Share on WhatsApp

Report