I am using PHP with Apache and pretty Web addresses with mod_rewrite.

I've an index.php where I include another .php files which contain this content.
Now Let me prevent people from viewing individuals (content only) .php files, unless of course they're incorporated via my index.php script obviously.

This is actually the RewriteRule I am using:
RewriteRule ^/?([a-zA-Z0-9/-]+)/?$ /index.php [NC,L]

It rewrites every request towards the index.php where demands are handled and submissions are incorporated accordingly.

It is possible to method of doing this with mod_rewrite, i.e. my .htaccess? To generally deny use of .php files or something like that like this?


Put a continuing in your soul index file after which in every php file make a move like:

defined('ALLOWED') or die('No direct script access.');

Keep the PHP files (except index.php) from the web root. You are able to still include/require them out of your code, but people will not have the ability to access them by URL.

How can you access these files presently if all demands are rewritten to index.php? You shouldn't have to deny access.


RewriteRule ^(.*)$ index.php [L]

and take care of anything else in PHP.