htaccess to deny access, except for includes
It's usually a bad idea to allow php include files to be directly accessed. My general method is to either declare a constant in the index.php and check for that constant in the included file or make sure that the included file doesn't match $_SERVER['REQUEST_URI'].
Sure, either of those work. But I [...]
