12-06-2006
phillip.s.powell@gmail.com
 
.htaccess prevents itself from being viewed but not "sess*" files in directory


<Directory />
Options -Indexes
</Directory>

<Files ~ "^\.ht">
order allow,deny
deny from all
</Files>

<Files ~ "^sess[a-zA-Z0-9\-_\.]*$">
order allow,deny
deny from all
</Files>


This is designed to prevent itself, all files beginning with "sess" and
the directory listing from being viewed.

Right now I get the expected 403 Forbidden if I try to view the
directory listing and if I try to view .htaccess itself via browser,
however, when I try to view any file beginning with "sess" it lets me
view it though it's not supposed to do so.

I tried every known regular expression pattern onto "sess" and all
failed to block. Is there something else I need to do to prevent
"sess" files from being blocked? They are PHP session files and I
don't really have any control over permission settings for these files
else I would not bother with .htaccess

Thanx
Phil
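
Added example, not part of the original post: a Python check that rules the regular expressions in or out by parsing the two <Files ~> sections quoted above and testing them against file names. It assumes Python's re module treats these two patterns the same way Apache's regex engine does and that the session files use PHP's default sess_<id> naming; the sample paths are constructed.

```python
import posixpath
import re

# The two <Files ~> sections from the post, embedded unchanged.
HTACCESS = r'''
<Files ~ "^\.ht">
order allow,deny
deny from all
</Files>

<Files ~ "^sess[a-zA-Z0-9\-_\.]*$">
order allow,deny
deny from all
</Files>
'''

# Matches: <Files ~ "regex"> ...directives... </Files>
FILES_RE = re.compile(r'<Files\s+~\s+"([^"]+)">(.*?)</Files>', re.S | re.I)

def parse_deny_patterns(conf):
    """Compile the regex of every <Files ~> section containing 'deny from all'."""
    patterns = []
    for regex, body in FILES_RE.findall(conf):
        directives = [" ".join(line.split()).lower() for line in body.splitlines()]
        if "deny from all" in directives:
            patterns.append(re.compile(regex))
    return patterns

def is_denied(url_path, patterns):
    """<Files> is matched against the file's base name, not the full path."""
    name = posixpath.basename(url_path)
    return any(p.search(name) for p in patterns)

# Constructed sample requests (the session id is made up).
SAMPLES = [
    "/sessions/sess_8f2c1e0b7a9d4c6e5f3a2b1c0d9e8f7a",
    "/.htaccess",
    "/index.php",
    "/assess.txt",   # contains "sess" but does not begin with it
    "/session.php",  # begins with "sess", so the second pattern covers it too
]

def report(conf=HTACCESS, samples=SAMPLES):
    patterns = parse_deny_patterns(conf)
    return {path: is_denied(path, patterns) for path in samples}

if __name__ == "__main__":
    for path, denied in report().items():
        print(f"{'DENY ' if denied else 'ALLOW'} {path}")
```

If the sess_ name comes back as denied here, the pattern itself is not what lets the request through, and the place to look is how the server applies the file rather than the regex.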