.htaccess redirect - how to and which directory?

I have a directory structure "like" this

• Root
  • Sub Dir A
  • Content
  • Admin

And I have some files in Admin that I need to .htaccess forbid. I know they should be outside the root but in this situation I cannot. What is the correct syntax for htaccess to redirect a direct request for say 'Sub Dir A/Admin/abc.php' (say a forbidden file) back to say Sub Dir A/Admin/index.php - just an example. To note "abc.php" may be an include so it should only be a direct request. Oh forgot to a开发者_运维知识库sk, which directory to put the .htaccess file in

If you really want to do this with mod_rewrite, then the rule can be:

Options +FollowSymLinks -MultiViews
RewriteEngine On

RewriteRule ^abc\.php$ http://www.example.com/subdir_a/admin/index.php [R=301,L]

This will issue 301 Permanent Redirect if you attempt to access abc.php directly.

This is to be place in .htaccess in /subdir_a/admin/ folder.

If you wish -- you can place it in .htaccess file in website root folder -- then alter rewrite rule a bit to include the path to abc.php:

RewriteRule ^subdir_a/admin/abc\.php$ http://www.example.com/subdir_a/admin/index.php [R=301,L]

Alternatively you can issue 403 Access Denied response:

Options +FollowSymLinks -MultiViews
RewriteEngine On

RewriteRule ^abc\.php$ - [F,L]

The common practice is not to relay on .htaccess and mod_rewrite (that can be unavailable on some shared hosting plans or disabled for performance reasons) and use PHP-Script side checks:

1. To be placed in included/protected file (e.g. abc.php):

if (!defined('ENTRY_POINT_MARK')) {
    header('HTTP/1.1 403 Access Denied', true, 403);
    exit();
}

2. To be placed in calling/master script (that you can access directly):

define('ENTRY_POINT_MARK', 'EntryPointMark');