I am trying to restrict access to directories in my root so that others cannot access the files in those dir directly in a browser. Problem I am running into is now the pages in the root for example the index.php is asking for a password and the .htaccess is in the root of the directories and not the root of the domain. This is preventing the index file from accessing include files from those directories.
What is a simple way to lock down those directories from browser access while still allowing the files in the root to access them and vistors being able to access the root pages without being asked for a password. I would like to to be as far as they know they site is viewable but, if someone starts prying around in the sub directories to steal code it will deny them but, allow the pages to access them.
I have tired this in each of the directories I have been wanting to restrict direct browser access to.
AuthType Basic
AuthName "Administrator"
AuthUserFile /home2/mesquiu0/.htpasswds./htpasswd
Require valid-user
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
