Informed Webmaster

I suspect anyone who knows what this thread is about knows how to use the old method of creating an index.html and using .htaccess to set the directory index to to index.html. That method works but since everyone knows about, it does not stop the educated.

Now thanks the the Voodoo Magic of Apache .htaccess there is a better way.

Here is a surefire way to make sure you and only you can access the PHP files on a site you working on or developing. The only requirement is that your IP number be fairly static.

1. Create a new .htaccess file and place the following copy in it. Substitute your IP number for the xx.xxx.xxx.xx
2. The no comma between the words Deny,Allow is intentional. Do not add a space.
The first paragraph tells the server to deny all php files to all users except those coming from your IP.

The second paragraph tells the server to show the index.html file to all users from all IP numbers.

At this point in time I really don't know if they could view other HTML files or not. I suspect they could if they knew the name.

After testing I will update this post.

BTW: I never managed to get this working on localhost so you do have to test it on a live server and use a proxy for a different IP number.