hi guys,

my .htaccesss looks like

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?_args=$1 [L,QSA]
which works great for routing everything not a file or directory to my index.php.

unfortunately this application needs to be secure and i want to deny access to all my .php files except the index.php in the web root.

any advice/help appreciated.