About the .htaccess in protected directory


I created a module named "admin".

I’m having hard time to create layouts to “admin” module because of the .htaccess file in /protected directory.

I have some css and js files in:



But the .htaccess is preventing me te to call and include those files.

The error I get from the browser:

“403 - forbidden - You don’t have permission to access /protected/modules/admin/views/layouts/css/styles.css”.

What should I do? I cant delete the .htaccess file because it’s important…


The solution, of course, is to not put it there in the first place. :)

Put css in the ‘css’ directory at the app root directory.

Or put it in a theme directory.

The js files you can put in a separate directory in either root directory or in a directory in your theme directory.

Alternatively, you can use the clientscript component to publish css and js.

Most widgets/extensions go that route.

Personally, I prefer to handle css and js manually, and I use my theme directory for that: a css and a js directory in the theme dir.


There is a situation when you have only build a module that contains all the css, layouts etc.

And for some reason you don’t want to mess with the main theme folder.

There should be a way to read from your module.