AddType application/x-httpd-php .h
to my config file which helps secure them because they get parsed through php. However, I want them to be completly blocked. It doesn\'t matter whether apache gives an error or a blank page. Also, I\'m on windows which gives me less security but I was hoping there was somthing I could change to make apache protect them.