httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 25000] New: - conflicting ORDER documentation
Date Wed, 26 Nov 2003 04:00:00 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25000>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25000

conflicting ORDER documentation

           Summary: conflicting ORDER documentation
           Product: Apache httpd-2.0
           Version: 2.0.48
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Documentation
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: claire-spam@noise.net.nz


I want to restrict access to my webserver to four users within the office. The 
first snippet of help would suggest I use Order deny,allow and the second 
snippet would suggest Order allow,deny.

===============================================================================

http://localhost/manual/howto/auth.html

Using Order will let you be sure that you are actually restricting things to 
the group that you want to let in, by combining a Deny and an Allow directive:

Order deny,allow
Deny from all
Allow from dev.example.com 

Listing just the Allow directive would not do what you want, because it will 
let folks from that host in, in addition to letting everyone in. What you want 
is to let only those folks in.

==============================================================================

http://localhost/manual/mod/mod_access.html#order

Deny,Allow 
The Deny directives are evaluated before the Allow directives. Access is 
allowed by default. Any client which does not match a Deny directive or does 
match an Allow directive will be allowed access to the server. 
Allow,Deny 
The Allow directives are evaluated before the Deny directives. Access is denied 
by default. Any client which does not match an Allow directive or does match a 
Deny directive will be denied access to the server.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message