I just wanna protect my assets folder in client side. All of my files can access public. I wanna protect it. I have rules .htaccess like below, any wrong rules there?
RewriteEngine on
RewriteCond $1 !^(index.php|assets|robots.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
Advertisement
Answer
You can do two things
- via
.htaccess(Not Tested) - via
index.html
1. .htaccess
add .htaccess inside the assets folder
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
2. index.html
Create index.html file inside the directory and add this
<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>
Output
When some one access outside you get this on browser
Directory access is forbidden.