I'm establishing a brand new website and presently basically visit mydomian/php/someScript.php it'll execute the php script. How do i allow the files including this still include this although not let other people execute these scripts in the browser. Presently I've this during my .htaccess file:

deny all

however when I go to the site a AJAX publish request is built to a script within this folder and it is returning a 403 error.

Any ideas regarding how to accomplish this are welcome.


for clearness, some files within the php directory are asked for by AJAX and I have now occurred conscious that these files cant possess the preferred permissions. However I'd still prefer to put these permissions alternatively files within this directory


You are able to still include individuals files from php, e.g. using include or require.

Calling it via AJAX isn't not the same as calling it simply by entering the URL within the browser - i.e. you can't block immediate access but allow AJAX access.

The very best option would be to place them outdoors from the web root directory if whatsoever possible, that method for you to include them however the web server can't serve them, no configuration is needed whatsoever within this situation.

EDIT: I observed you need to allow use of the scripts by AJAX. There's not a way to do this as there is no method of telling the main difference between an AJAX request or other kinds of HTTP request with any reliability.