<phillip.s.powell@gmail.com> schreef in bericht
news:1165529250.835286.151950@l12g2000cwl.googlegr oups.com...
> What I tried doing was this, out of desparation:
>
> <Files>
> order allow,deny
> deny from all
> </Files>
What files are to be denied without specifying a filename ??
Test for me
<Files ~ ".">

> And even then all session files were still viewable. That's when I
> concluded perhaps it is due to the nature of how PHP names its session
> files (no PHP session file has any extension, just a name),
Thinking name-dot-extention ... is a MicroSoft doctrine.


BTW your sess* files are at the document_root ...???
If not, try
<Location /<folder>/>
order allow,deny
deny from all

HansH
</Location>