So I have this file in my htdocs, called “data.json”. The user can just go to imagienworld.rf.gd/data.json to see everything inside. So how do I make it only accessible by serverside (ie. PHP), and when anyone else tries to go to imagienworld.rf.gd/data.json it just says 404 or access denied?
,,If you for some reason need one PHP script to execute another via HTTP’’
Also, what do you mean by disabling directory listings? Does it hide the directory in ftp or something? Or does it make it invisible to people who want to view the file system of my website?
Lastly, can I just do “Require (specific file) denied” and still put the file I want to hide, inside the root folder?
That’s why I emphasized that the best solution is to put all the files you want to restrict/hide in a subfolder
so you don’t have to think a lot or constantly edit .htaccess file in case you have more files and so on
e.g. if you have a folder named “secret” and in it that .htaccess file (plus files)
whoever tries to come to your domain/secret/ will get a 403 error.
that means if, for example, you have a css folder here
if someone comes to the address of that folder
the server will show him the files that are there
and that behavior is disabled with the code I mentioned.
So what do they mean when PHP executes another PHP script through HTTP? Shouldn’t that be impossible since HTTP is client sided and PHP is chiefly server sided?
And what do they mean by it being unreasonable for JS documents on the client side to not access files hidden via htaccess? Isn’t that the entire point of hiding files from the client with .htaccess — ie. to make it inaccessible to clientsided JS?
if you have a file called index.php (home page)
and in it the menu for the about.php page
of course index.php will call the about.php page and display it in the user’s browser
when the user clicks on a button or text link.
That would mean HTTP req !
the browser has that in it (uses the user’s CPU, RAM, etc.)
PHP is executed on the server and uses server resources (CPU, RAM, etc.)
php can call other files, create new ones, can also delete them and so on.
HTML code can be seen (by browser or xy…)
while the PHP code cannot be seen, only the generated page by the server, which is then displayed to the visitor.
He corresponds to a specific request from the OP (in the initial question)
so don’t bother with it
he doesn’t talk in general terms or mention some golden rule
And please don’t turn this topic into endless questions because this is a support category
not for educating people in depth or commenting on someone’s post on some website.