I am building a web application (PHP) that allows users to create websites choosing some pre-designed templates. The admin area is password protected. Let's say the templates are located in the "templates" folder within the application. A couple of scripts in the application are accessing those template files to make modifications. I was wondering how I could protect that templates folder and all the files in it so that they can't be accessed outside the application (No .htaccess).

Thanks for any ideas.