My main index.php calls a couple of scripts via JQuery from a subdirectory. I need to block direct access to any files in this directory, but allow them to be accessed by index.php. I have tried the simply:

deny from all

approach, but this blocks even Jquery from loading the script. There is also an /images subdirectory that needs to be blocked from direct access. deny all disallows the image from being called in any way. Does anyone know how to do this?

just use the file-functions of php to get the content of the protected files, so only your php-file (e.g. index.php) is able to handle with the files of the protected dir.

useful functions are:

file_get_contents()

fread()

...

then you can include the js-code in your output-html or get the content out as image (then you should take a look at the header() function.