Zend Framework - Deny access to folders other than public folder

All,

I have the following Zend application structure:

helloworld
 - application
     - configs
     - controllers
     - models
     - layouts
 - include
 - libr开发者_运维百科ary
 - public
    - .htaccess
    - index.php
 - design
 - .htaccess

Currently, if the user visits, http://localhost, my .htaccess files above make sure, the request is routed to http://localhost/public automatically. If the user visits any other folder apart from public folder from the address bar, he gets a directory listing of that folder.

How can I make sure to deny the user access to every other folder except the public folder? I want the user to be redirected to the public folder if he visits any other folder. However, if the underlying code requests something from other folders, (ex: ) it should still work..

Thanks

---

The easiest method (and the method that the Zend Framework setup is designed to be used with) is to only put the contents of the public folder under the DocumentRoot. Everything else should go outside the DocumentRoot.

If you can't do this for some reason, you could put a .htaccess in each of the other subdirectories with: Order Allow,Deny Deny from all

Response to comments:

Your application shouldn't need the application/controller directory (or any directory except 'public') to be under the DocumentRoot. PHP includes can be from outside of the DocumentRoot (normally).

If you're following the typical suggested Zend Framework application folder structure correctly, all resources which need to be directly accessible from the browser (ie. images/flash/multimedia, javascripts, css and index.php) should be inside the public directory.

Also, with regards to .htaccess, you should only need a .htaccess file in the top level of the directory tree, so in your example above, you would put one in each of: application, include, library and design.