TL:DR Will permission 444 on a folder restrict access for a web user and browser?
I have a webserver with a root catalog that is accessible from the web. I can't access any folders higher up in the hiearchy, I only have control of the root folder and down.
Lets say I have the following folder structure:
- includes
- includes\database.php
- admin
- admin\index.php
I want the includes folder to follow these rules:
- Accessible from within the server, so "admin/index.php" can include "includes/database.php"
- Accessible via FTP, so I can access and edit the folder and files.
- NOT Accessible by a user from the web.
Can I solve this by setting "includes" and all subfolders/files with permission 444? If so, is there a known way to bypass this access-rule or is it safe to use?