Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I know anyone who views the source can insert style.css into the url and view all the css code. Is there a way to make it so when the user tries to access it via the url it displays an error message or something?
I don't need an example or anything, just curious if it's possible or not
The best you could do is obfuscate using Javascript. External style sheets would be tricky but you could maybe obfuscate an inline <style> tag and insert it into the document using innerHTML (not write as browsers can read that). Still though, all you would need is a tool like Firebug to see the plain english CSS.
CSS is so limited though what could you possibly have done that is worth hiding? Setting the font-size to 9pt has already been done.