web.config: Y can't I deny .html and img file(s) access

[GeeWond3r]

From my web.config, I'm able to deny certain users to one of my application folder but how come certain files are still accessible? For example, my .aspx files are secured but not my other files (.html, .jpg, .txt, and even .asp). Y so?? Is there a way to secured everything that's in that application folder by way of web.config??

"Things that make you go hmmm..