I create some sub-levels were I'm placing my contact files, like

root
root/ct/ct.html
root/ct/pp/ct.php

Now I will start adding captcha on it and I realy want to protect the /pp level from others being able to access it.

I try .htaccess, but then it will require a password from the user to acess that directory. (honest, I tought that when the request was comming from a 'localhost' it will by pass the .htaccess).

What would be the way that you protect your .php files from hackers eyes?

Thank you

I'm guessing by the paths you have you are setting this up on your server and not with a hosting provider.

Generally you should not use .htaccess files unless you don't have access to the main server configuration file. You can have user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do things. ;)

It's a host provider yes.
I do not have access to the main server configuration files.

And it don't need to be done that one if there is any other way to prevent users to picking on my .php files.

I upload an 'index.html' file to the folder as a minimal proteciton, but what I realy like would be the possibility to install the php files outside the web server. I mean, one level up from the /htdocs/
So nobody would have a chance to access it from a browser... :confused: :(