Now thanks the the Voodoo Magic of Apache .htaccess there is a better way.
Here is a surefire way to make sure you and only you can access the PHP files on a site you working on or developing. The only requirement is that your IP number be fairly static.
1. Create a new .htaccess file and place the following copy in it. Substitute your IP number for the xx.xxx.xxx.xx
2. The no comma between the words Deny,Allow is intentional. Do not add a space.
The first paragraph tells the server to deny all php files to all users except those coming from your IP.
Code: Select all
<Files *.php> Order Deny,Allow Deny from all Allow from xx.xxx.xxx.xx </Files> <Files index.html> Order Allow,Deny Allow from all </Files>
The second paragraph tells the server to show the index.html file to all users from all IP numbers.
At this point in time I really don't know if they could view other HTML files or not. I suspect they could if they knew the name.
After testing I will update this post.
BTW: I never managed to get this working on localhost so you do have to test it on a live server and use a proxy for a different IP number.