I'm redirecting to the same page index.php via .htaccess everything that looks like this:
mysite.com/something/somethingelse/blahblah
Which means: url's that don't exist. That way, requests like
mysite.com/includes/js/script.js
Are still accessible.
But I would like to avoid access this way:
mysite.com/includes/php/dostuff.php
So I would like to know if there is a method I could use to check in dostuff.php that the file is being accessed directly and not via require.
What I have thought so far is to check $_SERVER["REQUEST_URI"]. But I'm a little lost about what to do from there.
I think it can be done easily checking if a variable exists. So in dostuff.php and similar files there will be this line at the top:
if(empty($myvar)) exit;
However, that won't work on internal files called via ajax. So I still need help to figure out that.
add a .htaccess to the php directory with:
Order Deny,Allow
Deny from all