If I would like to set up a protected directory (by myself) on the Apache webserver/Linux systems, so that:
-only the webserver can access it
-other ppl who know the direct link to the file cannot access it (and/or will get an error)
...what permissions should I set for that directory?

Example: If I have a file at .../secretfolder/donttell.html, and if people figure out the direct link, they can get to it. What CHMOD must I set, so that the page will only display when the person is "referred" by an existing page on my server (i.e. not a direct type-in-the-address-bar-and-get-it neither direct click-on-an-email-link-to-get-it)?

Thanks much.