I just wanna protect my assets folder in client side. All of my files can access public. I wanna protect it. I have rules .htaccess like below, any wrong rules there?
RewriteEngine on
RewriteCond $1 !^(index\.php|assets|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
You can do two things
.htaccess (Not Tested)index.htmladd .htaccess inside the assets folder
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
Create index.html file inside the directory and add this
<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>
When some one access outside you get this on browser
Directory access is forbidden.
Create a helper to access these 'assets'. And allow requests to these files only from your server. That's one way to solve this.
You can protect your assets or files folder similarly as CI protects its application file. Simply copy .htaccess file and index.html file from application and paste it to your assets file.