Access is not protected.
If you weren't able to access this folders, you couldn't see the images in the pages from public folders.

You can't access by some reasons:
- the folder is really password protected (Apache)
- the folder is not listing its contents (Apache)
- the folder has a empty index.html file (cool and simple trick)

Finally, someone could have wrote a script to deny access but is easy with the methods listed before.

Yeah, I knew how easy it was to "BLOCK" other users to access folders such as: images, js, css, assets, etc. (You know, folders where public access should not be permitted because this is only a place for us to store the important files for our website to use).

But the thing is, it would be cool if I could use, I know know, maybe change the .htaccess file or something to block access for my users to the whole "assets folder". Basically the "assets" folder is where I place all of my Javascripts, PHP scripts, CSS, Images and etc...

Is there a way to do this easily? Block the whole folder so that it is only used by my website and never accessed by my users? It would be easier this way because I wouldn't need to add a "index.html" to every single folder of the assets folder.

If you guys know a way around this let us know.
Thanks!

I think what you want to do is disable directory browsing from apache. You don't need to use htaccess for this.

One line added to /assets/.htaccess:

Deny from all

This will allow the files in this directory and directories below it to be "included" as files in other files and "pages" on your site, but it will not allow any access to those same resources using HTTP (using the Web via HTTP, in other words).

.htaccess affects HTTP access only, and has no effect on FTP, Telnet, SSH, or any other protocol, and no effect on internal server file reads and writes.

Jim

That is exactly what I wanted!

It worked like a charm. Thank you so much!