How to stop files from being accessed directly (via url) but load properly on website?

I want to stop visitors from accessing certain files on the server, for example /system/config.php , while this file remains usable by other php files to connect to the database. I've found a lot of similar topics on here but I either end up completely blocking access to a certain file (so the website cant even load it), or htaccess doesnt do anything and hence the files I want to protect remain accessible for the public to view when the url is entered. How can I achieve this? I've tried redirecting, straight up throwing a 403 error, but nothing seems to work so far. I don't have any current code for this file.