To prevent access to files in ajax folder so that they cannot be called

Question

0

Asked: May 27, 20262026-05-27T15:41:59+00:00 2026-05-27T15:41:59+00:00

To prevent access to files in ajax folder so that they cannot be called

0

To prevent access to files in ajax folder so that they cannot be called directly by calling them in browser url.

ex:- http://www.mysite.com/ajax/comment.php?act=12210&id=203 like this.
comment.php is an ajax called file. it should not be called directly by users. but some malicious one’s may try this.

Whenever ajax appears in the url i need to redirect the request to a certain file saying you are not allowd to do this. But when the request is made using ajax i need to serve that request. i have tried htaccess solutions to allow access to that file only from localhost. but that prevents even legitimate access to that file.i.e by a actual ajax request.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T15:42:00+00:00

You can do without htaccess.If you want to have a check to see if the request Ajax request or not you can use below code:

Best Way:

 if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
       header('HTTP/1.1 403 Forbidden');
    exit;

 }

with htaccess u can try :

In your folder /ajax/ place a .htaccess file with below rules:

SetEnvIfNoCase X-Requested-With XMLHttpRequest ajax
Order Deny,Allow
Deny from all
Allow from env=ajax

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

To prevent access to files in ajax folder so that they cannot be called

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply