i understand it has been clarified lots on SO however i have an issue - i'm while using cforms wordpress plugin in Wordpress and i have trained with the link to an application handler page and i wish to block immediate access for this permitting only cforms - i have attempted everything i have run into including file permissions and putting the file outdoors the main though exactly what blocks the file to immediate access also appears to bar it from cforms ..... and so i assume they are reading through it as being a browser would .... and so i figure i'll have to block it from everyone except demands originating from my webserver (using htacesss) ..... however i am on the shared server and that i shouldn't let it rest available to attack in the other domain names on i tell .... so my real question is this - can one target my domain particularly in htaccess using "allow" ?

thanks

ps this really is my very first time on SO so apologies basically havent looked with enough contentration etc

Since forms (and because of this also cforms) are posted using a browser, you cannot completely block browser demands to individuals files.

What you might do however is block demands that aren't Publish demands, since forms are usually published. You are able to sign in .htaccess when the request is really a Publish request, see Using RewriteRule inshtaccess for Publish request