httpdocs, that’s cPanel right?
I’ve never been able to find a nice spot to park files outside the public area in that setup (granted, I never looked very hard).
I always end up creating a directory like “private” in the httdocs and put this .htaccess in it
deny from all
which will show a “forbidden” for all direct requests to the directory (recursively, so also for all files, subdirectories, their subdirectories, etc)
Not the best solution in the world I’m afraid but I haven’t been able to come up with something better.
Ah the joys of plesk.
In the conf directory for the domain, there is a vhost.conf file. You can override basedir restrictions there, then you need to manually from the command line update plesk to read this new setting:
/usr/local/psa/admin/sbin/websrvmng -u –vhost-name=MyWebsite.com