I'm working on a Ruby On Rails app and I'm calling some js, css, images and csv files from public/assets.
I added an authentication when accessing the page using these assets:
class MyPageController < ApplicationController
authenticate_or_request_with_http_basic do |username, password|
username == 'login' && password == 'password'
If you need them to be blocked, then it's better to move them to a different folder. The intention of that folder is to hold publicly accessible static files.