Sometimes it becomes necessery to stop access/browsing to files of any particular folder. For example, you can think of an upload folder. Here any body can upload a file and then can browse it to run its intended code. There might be many situations like this, where there is a strict requirement to stop access to files in that folder.
So to stop access, we have to perform a small trick. Place one Application.cfc file with in that particular folder.
Here you can keep content as:
<h2>Access to files of this folder has been forbidden by Admin.</h2>
As we know, Application.cfc is the first file that is called before any other file during page request, so when any file of this folder is called, it first gives call to Application.cfc file and there the flow is stopped/aborted.
The user is shown with the message:
Access to files of this folder has been forbidden by Admin.
In the above code, we can also set conditions around abort tag to allow a group of users to get in.