How to protect website directories


Ok I have just rechecked the tutorial and see that it assumes that there is a js directory, which is where the code goes. It wasn’t clear and I put it in root. Can it go in root when there is an index file?


Seems to work fine in root.


You can delete /public_html/js/.htaccess without problems :wink: I don’t even know how it got there in the first place …


Did you add the code from the tutorial in that directory?


A post was split to a new topic: Problems with PHP scripts


Remember security options on

Provides directory protection too


This past week has been my first use of this forum. Perhaps it was marred for me by some display problems with the tutorial, now solved, but I feel it is badly managed/moderated. I am getting many e-mails with comments from other members, which bear no relation to my original issues or your tutorial. Some were in Russian, which I was going to look at this morning, but they now seem to have disappeared. We also have an issue of password protection which would be better kept separate.

My internal server issues were caused by my own negligence in not reviewing the code that you posted, which included the line /public_html/js/.htaccess
Presumably that was to tell people to create a js directory and put the .htacess file in it. Why in a js directory?

I know what Options -Index does and should have realised that the other line had no place in the .htaccess file.

Also, may I suggest that, when there is more than one person posting, you address your questions and answers to a specific person or persons.


Hey @Malae!

I used the “js” folder as an example in the tutorial. You can create a .htaccess file in any directory in your website and add the code there. Just don’t add it to the .htaccess file in public_html. This should not be causing any issues. Let me know if any issues occur. For the emails, you can turn those off in your account. You get those since you likely replied to that topic and are now being notified. :slight_smile:


Why I got email to this thread? Every user have to do it?


I have pushed this issue of mass mailing to the administrator, it may be you’ve visited this thread before, therefore you “track it” and you will be updated of it - check your forum settings.
If you’ve never visited this thread before there may be an issue with the tutorials section forum and this will be fixed if that is the case.

@andrius @Giedrius


Hi @user848 !

Make sure you have turned off e-mails notifications from your forum account.

Please do reply the results.


I just wanted to say thank you for this. I had some other problem “502 bad gateway” but now that is fixed this works perfectly too. :o)


I was checking online to find some way to protect some certain directories in my website. I realized there is a code to add to your .htaccess file that only allows the server IP access those files. does anybody have any Ideas?


If you add the code in the tutorial, the server will still be able to access all of the files. Only people trying to access the directory such as: will be blocked from them viewing it. :slight_smile:


You said “Just don’t add it to the .htaccess file in public_html.”. Why?
I did and it works. :slight_smile:


I had tried with it in there, but I got a Testing123… page. Glad it worked for you! :slight_smile: