Speak, I'm having a problem, I'm making a system that generates points for the members only to generate it, it has to wait for 30 seconds on a specific page, after that 30 seconds I use (script) to call this file . so there is always a smart guy who likes to search the source code and if he finds the file that is in the script there already it will put in the browser and keep giving enter and generating points without waiting the 30 seconds. p>
And then somebody has some hint of how I can block this file, so that it only works via js and in that specific page.
I did the test so I put it in .htaccess
<FilesMatch "gerapontos\.php$>
order allow,deny
deny from all
</filesmatch>
It blocked on the hour, plus tb blocked for me to call it via js. :