If you're saying the same thing both times, why do you have two separate Limit statements instead of one? Why not a single

<Limit GET POST PUT DELETE>
order deny,allow
deny from all
</Limit>

Homing in on the most trivial and irrelevant point first.

The horse's mouth [httpd.apache.org] says:

In the general case, access control directives should not be placed within a <Limit> section.

and

If GET is used it will also restrict HEAD requests.

Is there more to your htaccess? As written, you seem to be saying that nobody is allowed into the site, no way, nohow.

Could this affect SEO?

Hmmm...

Actuality these are included in my script. I don't understand why developer include these in htaccess file

Mat be they included it to protect spammer/hacker by <Limit> section. There is more in my htaccess as below line:

IndexIgnore .htaccess */.?* *~ *# */HEADER* */README* */_vti*

But I am not confirm these <Limit> section and above line will effect my visitor/ search engine rank. Is there any SEO problem ?

Once again this thread belongs is SSID!

Is there any SEO problem ?

If visitors are not allowed into your site (i. e., deny from all) than how are search engines going to see your site?

If the search engines cannot see (crawl and/or index) see your site, than there will NOT be any SEO.
Your site will not be listed.

Could this affect SEO?

Hmmm...

For what its worth, Lucy's answer says basically the same thing, however it apparently is not clear to her that English is not your primary language and "English logic" therefore does not apply.

She could have answered you more directly with a "yes, it stops SEO",

it apparently is not clear to her that English is not your primary language

You're right, I did miss that. (Remember, I'd only seen the first post.) Anyone can make mistakes in spelling or grammar
::tweet tweet, chirp chirp, sitting on hands::
but looking more closely, the consistently spaced punctuation in that first post is a dead giveaway.

Once again this thread belongs in SSID!

Didn't understand that last time, don't understand it this time either. It's unequivocally a "How do I do such-and-such?" question.

Matter of fact, even SSID is misnamed by now. Should be something like "Robot du Jour" :)

Once again this thread belongs is SSID!

Didn't understand that last time, don't understand it this time either.

The longtime participants (and for your deviation amusements, also formerly called "forum 11") in the SSID that are aware of bots (and their practices) are the same people that have been utilizing these methods for more than a decade.

Now i have changed it to as below :

IndexIgnore .htaccess */.?* *~ *# */HEADER* */README* */_vti*

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>

Is this OK? Search engine & visitor can see my site?

OR Do i use as below:

IndexIgnore .htaccess */.?* *~ *# */HEADER* */README* */_vti*

<Limit POST PUT DELETE>
order deny,allow
deny from all
</Limit>

Is this protect spammer/hacker to post/delete ?
And Please tell me is this side effect for search engine/visitor ?

Thanks a lot for your help.

Please do something else first. Please explain in regular English what you want to do. I am certain you don't want to lock everyone out of your web site.

You said htaccess. I suppose that means you are on shared hosting. Do not waste time trying to do things that your host has already taken care of. Find out what the default handling of PUT and DELETE is. There is probably a password involved.

Of course you cannot block GET, because that is the normal way to visit a www site. POST will depend on whether you have things like php files or forms that use POST.

I looked in my raw logs and could only find one PUT. It got a 500... but so did everything else that day. I made a mistake in my htaccess and didn't check right away. Oops. Unfortunately, this is really true.

I'm new here, but according to JDMorgan in an earlier post, your .htaccess should begin with the following:

# Don't list FrontPage or .htaccess files in auto-generated directory index pages
IndexIgnore .htaccess */.?* *~ *# */HEADER* */README* */_vti*
#
# Access Control
Order deny,allow
#
<Limit GET POST>
Deny from all
Allow from all
</Limit>
#
<LimitExcept GET POST>
Deny from all
</LimitExcept>

# Don't list FrontPage or .htaccess files in auto-generated directory index pages

There you get back to shared hosting. If the config file says anything about hiding files with leading dot, you don't need to repeat the information in your own htaccess. I think this is pretty standard in shared hosting simply because it's the kind of thing not everyone would know about but it's important. ("Ouch! When I said 'Show everything' I didn't mean 'Show everything'!")

I wish jd would swing by to explain

<Limit GET POST>
Deny from all
Allow from all
</Limit>

because it seems to be the Apache equivalent of "auto" or "inherit" in CSS: Do exactly what you would have done if I hadn't said anything.

Alas, i certainly cannot be the one to explain it...

Here's the link to the earlier post in case the context helps:
[webmasterworld.com...]

I hadn't included it in my original post since the topic jdMorgan was responding to (in 2010) was specifically about a redirect issue...but the part i referenced seemed to fit here.

In any case, don't mind me - after months of research & reading explanations, i'm about to place a cry-for-help post myself!

Good luck renegate & cheers to those trying to help:)

I wish jd would swing by to explain <Limit GET POST>

Deny from all
Allow from all
</Limit>

I stuttered to comment on this and then realized without the old reference my input would be useless.

Seem to recall that it's redundant and only one or the other applies. Unfortunately I don't recall if it was the first listing or the second listing that takes priority.
I've a nagging recollection that the 2nd listing is priority, and in this instance "Allow from all".

There should be an "order" statement with it.

There should be an "order" statement with it.

... which is where we came in. Are you still with us, Renegate?

Order Allow,Deny
Allow from all
Deny from all

Order Allow,Deny
Deny from all
Allow from all

both = Deny from all. In other words, This Site Is Closed.

Order Deny,Allow
Deny from all
Allow from all

Order Deny,Allow
Allow from all
Deny from all

both = Allow from all. Right?

But "allow from all" is the default, isn't it? So what have you said that you didn't say before? (That's the generic "you" = the person writing the code. Not any of the 75 people posting in this thread.)

g1smd,
Jim must have explained his preference for
order deny,allow

a thousand times or more and despite that effort, people are still copying and pasting allow,deny. Go Figure!

If there's any specific post(s) of Jim's with a typo (quite a rare event!), a moderator can be asked edit it/those.

But, but, but-- wouldn't "Order Deny,Allow" mean that you have to name every single IP that you're willing to admit? It's not like robots.txt where you can decide in advance who your friends are.

Or are we talking about some narrower context like POST or a particular directory?

But, but, but-- wouldn't "Order Deny,Allow" mean that you have to name every single IP that you're willing to admit?

No, I believe that would be "Order Allow,Deny"
[httpd.apache.org...]

Ordering is one of:

Allow,Deny
First, all Allow directives are evaluated; at least one must match, or the request is rejected.
Next, all Deny directives are evaluated. If any matches, the request is rejected.
Last, any requests which do not match an Allow or a Deny directive are denied by default.

Deny,Allow
First, all Deny directives are evaluated; if any match, the request is denied unless it also matches an Allow directive.
Any requests which do not match any Allow or Deny directives are permitted.

wouldn't "Order Deny,Allow" mean that you have to name every single IP

No.
That line does not function as a standalone, rather it requires a second line that determines action.
EX:
order deny,allow
allow from all

That second line (or in the previously misused two second lines) is what my point was. There should ONLY be one second line. With two one either doesn't function at all or, a precedence of order (not necessarily sequential) overrides the extra line.

This is very old stuff and there should be a wealth of information and examples.

I've used the opposite (below) for more than a decade and never made the transition despite Jim's numerous and logical explanations. With this use, I only listed denies in the mod-access section and the file functioned in that manner for more than a decade.

order allow,deny
allow from all

I'm sure the folks over in SSID would provide more information on this.

I think we're actually saying the same thing. I was talking about the full packages. If you have the two lines

Order Deny,Allow
Allow from all

then no matter what else you say or when you say it, the "allow from all" directive overrides your denys, because "allow" is evaluated after "deny".

And, if I'm reading Apache [httpd.apache.org] right, the second item in your "order" statement is the default. So if you do say "Order Deny,Allow" and nothing else, it's the same as adding "Allow from all".

... and then they point us to a whole nother page on how this all applies location/directory/files sections. Which is pretty crucial when you're on shared hosting and everything you say is at the directory level. And it gives me a nasty feeling that I recently told someone something about access that isn't always true.

Here's an old thread where Jim explains [webmasterworld.com] his preference for Deny, Allow.