Sometimes you need to outright deny web browsers from accessing specific directories, configuration files, or internal scripts.
Denying Access Using .htaccess (Linux)
If you are on a Linux hosting plan, Apache uses hidden `.htaccess` files to control directory settings. To block all access to a specific folder:
- Go to the File Manager.
- Navigate into the folder you want to hide from the public (e.g., `/httpdocs/config`).
- Click `+` > Create File and name it exactly
.htaccess. - Click on the new file to open the code editor.
- Type the following exactly:
Require all denied - Click Save.
Now, if anyone tries to visit yourdomain.com/config, the server will block them instantly!
Virtual Directory Security (Windows)
If you are using Windows hosting, you can manage this right from the Plesk UI:
- Go to Virtual Directories.
- Click on the Directory Access Permissions.
- You can easily uncheck Read and Write permissions for the web visitor user groups, ensuring the files can only be accessed internally by your scripts.
