If you’re using Apache web server, this is the first and basic step to protect your web application using .htaccess file.
create and put the .htaccess file in root folder of your application and write the code;
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
# Protect the files that important and contain sensitive information such as database username and password <files my-database-files.php> Order allow,deny Deny from all </files> # Protect .htaccess files it self <files .htaccess> Order allow,deny Deny from all </files> # protect development folder and files <files my-dev-files.php> Order deny,allow Allow from xx.xx.xx.xx Deny from all </files> # Rules to disable directory browsing Options -Indexes |