How to disallow PHP file requests from outside web server on shared hosting

In the situation where you have a Shared Hosting plan with a provider like GoDaddy without full access to the server, is there anything i can do to disallow outside HTTP requests for *.php files?

If anyone has experience with shared hosting or with GoDaddy specifically that would be appreciated. Im with GoDaddy and the only thing i can try is to mess with User/Group/World permissions of a php file, but no combinations enables server-only access to a file. And, obviously, i don’t have access to the apache server’s config file which is the easiest solution.

outside HTTP requests for *.php files

I’ll interpret this as requests from outside a set of people you’re willing to share the pages with. You want to limit access to your site.

Easiest approach –

Use an .htaccess file in DocumentRoot that limits access by IP address (if you are willing to force all the people who use the files to work from a limited set of IP addresses)

For Apache 2.2, in the .htaccess file, put

Order Deny,Allow
Deny from all
Allow from 

For Apache 2.4, use

Require ip

Another quick solution would be to password protect the directory with the .php files. The configuration would look something like this:

AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "/usr/local/apache/passwd/passwords"
Require user goodguy

You may want to find hosting with SSH access to give you more control.