Answered my own question:

deny from all

Yes, it helps to consider that what you mean is "deny HTTP access to the directory, but allow internal server access" (by your scripts). Since Apache configuration settings all have to do with HTTP requests, you can simply deny all HTTP (URL) access without affecting file access.

Jim

Correct me if am wrong , am just reading how to learn apache so am just writing this to test if am going on right path or not

For denying access to directory by http we need to add

<location> container

and for denying access using internal file system we need to add

<directory> container

i have just started reading apache manual so , want to make sure am learning correct

Yes and no -- both <location> and <directory> containers, along with almost all other Apache directives, apply to HTTP requests only. Access control in the filespace is controlled by the operating system file permissions, not by Apache. In all cases, Apache is really referring to URLs, even though it may use look-ahead to determine what filepath a URL will eventually resolve to.

Remember that a URL and a filepath are two completely-separate naming conventions that may or may not be related in any way. Both may refer to the same object, but a URL is a "Web address" and a filepath is a "file address" and they are different things. The job of a server like Apache is to translate a URL to a filepath, and this translation may be straighforward or it may involve scripting, rewrites, or aliases -- or perhaps all of these.

When a php files "reads" or "includes" something, it is operating as an application on the server, and therefore is operating within the filesystem; No HTTP request is involved. You can make a script do an HTTP request to GET a page or file from another server or your own, but that's inefficient if a simple filesystem read is all that is needed.

Jim

The effect of Directory and Files can be obtained from htaccess file as you told in your ealier post for using Deny all

I am just quoting from Apache manual , may be you can just explain much better with this , all the text is quoted from there

Sorry am just starting to learn this

Filesystem and Webspace
The most commonly used configuration section containers are the ones that change the configuration of particular places in the filesystem or webspace. First, it is important to understand the difference between the two. The filesystem is the view of your disks as seen by your operating system. For example, in a default install, Apache resides at
/usr/local/apache2 in the Unix filesystem or "c:/Program Files/Apache Group/Apache2" in the
Windows filesystem. (Note that forward slashes should always be used as the path separator in Apache, even for Windows.) In contrast, the webspace is the view of your site as delivered by the web server and seen by the client. So the path /dir/ in the webspace corresponds to the path /usr/local/apache2/htdocs/dir/ in the filesystem of a default Apache install on Unix. The webspace need not map directly to the filesystem, since webpages may be generated dynamically from databases or other locations.

Filesystem Containers
The <DIRECTORY> and <FILES> directives, along with their regex counterparts, apply directives to parts of the
filesystem. Directives enclosed in a <DIRECTORY> section apply to the named filesystem directory and all subdirectories
of that directory. The same effect can be obtained using .htaccess files

Webspace Containers
The <LOCATION> directive and its regex counterpart, on the other hand, change the configuration
for content in the webspace.

The <LOCATION> directive need not have anything to do with the filesystem.

Yes, that's essentially what I said in different words. I'm afraid I can't really explain it any better than my previous attempt, or the documentation itself...

Jim

Thanks Jim :)

Wow, I thought by answering my own question that this would be a dead thread. I guess not.

I don't know if it would help clear anything up (bear in mind I'm not an apache guru), but my solution was for an .htaccess file. I have shared hosting and so don't have access to the main config files (I don't even know what they are).

So I just made an .htaccess file in the directory in question, and it seemed to do the trick.