htaccess doesn't deny PHP access to files

Question

I'm having problems with my Apache2 WebServer. I run LAMP on a VPS (Debian 9, 64bit) .

I have two VirtualHosts, Alpha and Beta.
Each VirtualHost has a different DocumentRoot: Alpha has /var/www/A, and Beta has /var/www/B.

The problem is that I don't want Beta can include /var/www/ A /index.php on his files, and the same is for Alpha : I don't want he can include /var/www/ B /index.php (and all other documents) in his files.

How can I do this? I already tryed lots of method using .htaccess but nothing worked, for example:

Order Allow, Deny
Deny from All
Allow from mydomain.com

Thank you! Hope in an answer...is so important :)

Answer 1

if you speak about PHP's include it is not possible to achieve this with htaccess, since you could include any file in the whole file system that can be read by the Apache user.

A solution would be to have a program that can run Apache with different user access depending on the document root, so you can only include (read) the files inside the document root defined for the virtual host, I think it is possible using an Apache module or some other Unix program (I don't remember), it is the same solution that is used by web hosting providers when they give you a folder inside the file system and you can only read the files inside this folder, they usually give you a user name (a Unix user) which have only read access to a specific folder and also Apache run with the rights with this user and so on for PHP.