Silly question, but I'm stuck. After month, I want to go live with my project and thought: preventing pagevisitors from accessing files that are not created for direct user access - CHMOD will do this in seconds for you...
The situation- This is the tree of my root folder:
/index.php
/content/home.php
/content/page2.php
It's kind of a template system. Index.php is the wrapper. And home.php or page2.php are files with the page content. Common situation I thought. So I changed the filepermission with filezilla of the folder "content" and all subfolders an files to Owner permission "read, write, execute = yes" and Group and Public to none.
But if I try to access www.mypage.com/content/home.php the access is given.
Thought CHMOD restricts the access via browser (public permission) and only gives index.php the right to access the files and include them within index.php.
You're over-thinking it.
//index.php
define('VERSION', '0.1');
///content/home.php
if(!defined('VERSION')) return;
add that check to all your pages, tada.