I am running apache web server on Rocky.
If I try to deny access to a file using .htaccess it still allows access, but if I do it in the httpd.conf it works as expected.
.htaccess has 644 permissions and httpd_sys_content_t selinux label.
Deny from all
to the Directory where .htaccess is. Eg:
Require all granted
assuming .htaccess is here and then create/edit .htaccess to include what you want.
Require all denied instead