I have some templates files on my site. They are not linked from any page of my site. I am using 'Bold Chat' for site support. This tool allows me to see that on which page a customer is doing some activity. I saw in bold chat that one visitor was accessing my template page _template.php. How a vistior can access this page. How I can prevent visitors from viewing inaccessible pages? Please advise.
You can do this with a password which would allow you to view the files if you wanted: First, you need a password. Use: htpasswd -c /path/to/htpasswd greatlogix Code (markup): Change /path/to to a directory on your system. Make sure the htpasswd file is NOT in your web directory. Otherwise, people may be able to find your encrypted password and crack it. If you want to add more users, drop the -c from the command. Next, you need this in a .htaccess file: AuthUserFile /path/to/htpasswd AuthType Basic AuthName "Secret templates" <Files "_template.php"> Require valid-user </Files> Code (markup): If you remove the <Files> section, the password will be required for the entire directory that the .htaccess is in. If you want more files, just add another <Files> secion with the new filename. If you don't need access to the files at all, even with a password, you could simply deny access to all users. This is as simple as a rewrite rule: RewriteRule ^_template.php$ - [F] Code (markup): None of this will have any effect on your PHP code including the template to display your pages. It only affects people requesting your _template.php file directly. After all that... is it so much of a problem ? What harm comes from people requesting the template file ?
Just because they're not linked to doesn't mean they can't access it. Use htaccess to password protect it. Or i believe, not 100% sure that if your website is like mine and you have public_html if you don't put it in that it can't be seen but i might be wrong you might be able to use ../