Disclosure: Hosting Canada is community-supported. We may earn a commission when you make a purchase through one of our links. Learn more.

To prevent the access to your PHP includes files

If PHP includes are there in your directory that you don’t wish to directly access from browser, you can disable the directory by using the Mod_Rewrite.

Make an .htaccess file to enable this and follow the guidance along with the instructions that includes the text below.

## Enable the option Mod Rewrite, it’s required only once per .htaccess file
RewriteEngine On
RewriteBase /
## This is for testing the includes directory access
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /includes/ .*$ [NC]
## Check that the requested file has php extension
RewriteCond %{REQUEST_FILENAME} ^.+\.php$
## Forbid Access
RewriteRule .* - [F,NS,L]

In the above code the includes directory is /includes/