Question

85

How can I block direct access to my JavaScript files?

rated 0 times [ 90] [ 5] / answers: 1 / hits: 17026 / 13 Years ago, mon, june 13, 2011, 12:00:00

I use Minify to minify and cache all my script requests. I only want my users to be able to access the minified versions of the JavaScript files.

Minify lies at www.example.com/min and my scripts are at www.example.com/scripts. How can I block direct access to doc_root/scripts which is where my unminified JavaScript files lie. I'd rather not put them out of the document root but it's an option.

Please note that I'm using Zend Framework, so the actual root of my application is shifted to www.example.com/public. An htaccess file handles the rewrite.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

zoey

Add To Favorites

Follow

Total Points: 120

Total Questions: 103

Total Answers: 105

Location: Marshall Islands

Member since Mon, May 31, 2021

3 Years ago

answered 13 Years ago minab · Accepted Answer

Can't you just use an .htaccess file inside doc_root/scripts to prevent all access over the web to .js files over HTTP?

It won't stop minify, since that provides indirect access.

So in doc_root/scripts/.htaccess, something along the lines of

<Files ~ .js$>

    order allow,deny

    deny from all

</Files>

Note that the location of the .htaccess file matters in this case.