I've been thinking a lot about this and can't find a way to do it, maybe it's not possible or maybe I just can't think of way. That's why I'm posting this here right...
Basically, I need to protected a folder in Apache from prying eyes, but on the other hand, I need some PHP scripts to access the contents of that folder.
Is this achievable?
P.S: I don't know if this question belongs here or in StackOverflow... My guess is that it belongs in both, but I had to choose one site.
If the PHP script runs as a user that is not a shared one (something other than www, for instance) then you can just use standard Unix file permissions.
It is a good idea to use different users for every application to keep a compromise in one from killing another. If you run each application in this way, only the user running the script needs to access any of the private bits.
If you mean your PHP script must access this folder locally, but you want to protect it from serving to clients, it is very easy:
If not, please specify the exact situation, what you want to solve.