How to restrict access to web files

Hi on my web page, i need to restrict access to certain files, but they are also used by javascript fetch method. Iam using file questions.json. I tried .htaccess but if i define for example deny for all then the js cannot fetch the file. Is there some way to restrict access questions.json?

Page is here
and questions


Add this to ur .htaccess


Thanks but with that change, it would not fetch the questions and 500 error is returned.

GET 500 (Internal Server Error)
game.js:27 SyntaxError: Unexpected token E in JSON at position 4

Javascript is being executed by browser, if you disable access to webfiles it won’t work also.

1 Like

So how i can protect web data, for example credentials to DB?

are you storing them in php or a html file? if it’s php then no need to worry as it’ll only return a blank screen unless you’re echo’ing data.

I would like to use only html css and js, but i need to store data, and it looks like that i cannot store the data for exmaple questions.json in file because anybody could just take it which i dont want. So i will need to use DB and for connection to db i would use PHP, so i try to figure out if somebody can get to connection data and to my DB?

That’s mostly true, yes. If you want to allow certain people to access files and other people not, then you’ll need to use PHP.

But you can still store the data in JSON. Just make sure the file cannot be access directly from the web browser (using .htaccess rules) and read and print the JSON data from your PHP script. The printing part can be done with about two lines of code, the access control code depends on what you want to do with it.

There are tens if not hundreds of thousands of guides online how to use MySQL from PHP. So about a mid sized city worth of people can help you do this.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.