Does the .htaccess file work as desired in other ways? If not, maybe your server doesn't support .htaccess.

If it does work as expected, the following lines should be placed in the server's httpd.conf:

<Files ~ "^\.ht"> 
 Order allow,deny 
 Deny from all 
 Satisfy All 
</Files>

That "Satisfy all" in the code may cause problems - it affects authentication (password-protected directories) and is not needed for the problem at hand. I'd leave it out, myself.

Jim

Hi Thanks for reply.

I have something like this in my http.conf file

#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>

And I have this in my .htaccess file which is in the root directory chmoded to 666. (for use with trap.pl to trap bad robots )

<Files ~ "^.*$">
order allow,deny
allow from all
deny from env=ban
</Files>

Don't know why it can be viewable in browser.

Because you probably have AllowOverrides FileInfo set, allowing .htaccess to override your configuration setting.

As a work-around, you could simply add

 SetEnvIf Request_URI "^\.ht" ban 

above your existing .htaccess code

Jim

Thank you for replies. Now it works. However I noticed a little bit slow (like one second waiting) loading my home page after I created the htaccess file which has only several lines.

The code above, modified as described, should not slow your server down in the least. Perhaps you have some other code that is causing a redirect loop?

I have one .htaccess file that is almost 30kB in size, and it does not slow down the server noticeably.

If your .htaccess file is slowing down your server, it would be a good idea to remove it until you can test to find out what is wrong -- usually late at night when your traffic drops off, if it does drop off.

Jim