I have some ideas to solve this situation, but still wanted to ask someone with more experience.
I've created an Android App that makes requests to some URL. In this URL I would also like to have the landing page of my app. Howevere, I don't want people to enter to my folders where I process the requests (I have there some interface to test my app). When I protect this folder with a password via cPanel, the users are not avaible to connect with my php files and download the data. What is the best way to handle this? Should I have two URL (one for the landing page - one for the backend)? Should I not create any link to my backend files and not allow Google to crawl them? Should I add a password to this folder and insert the Username and Password in my client?
Thanks!