httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Kennington <robert.kenning...@yahoo.com>
Subject Suggested Update for Explanation of Control Directive Apache Module mod_authz_host
Date Wed, 16 Aug 2006 01:04:53 GMT
Hi, 

I'd like to contribute the following: 

Cheers, 
Bob K. 

- - - - -

Recommended update for the explanation of the Order
Directive in
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order

The phrase "All hosts not in the apache.org domain
will also be allowed access because the default state
will change to allow." is not correctly stated because
the INITIAL default state is "ALLOW" prior to applying
the Deny and Allow directives/rules. I tried to think
of a revision, but it is probably best just to delete
it.

Overall, I find the explanation of the Order Directive
confusing because it presents a logical perspective
that is correct but not very easy to understand. I
find it easier to see this for what it is - a three
pass filter. So, here's suggested revision: 

- - - - -
The Order directive determines the initial access
state (DENY or ALLOW) and the order in which Allow and
Deny directives are evaluated. 

The "Order Allow,Deny" directive determines access as
follows: 

  1) Initially, all domains are flagged as DENY.
  2) Domains matching the Allow directive are flagged
Allow
  3) Domains matching the Deny directive are flagged
Deny

The "Order Deny,Allow" directive determines access as
follows: 

  1) Initially, all domains are flagged as ALLOW 
  2) Domains matching the Allow directive are flagged
Allow
  3) Domains matching the Deny directive are flagged
Deny

Then provide the examples minus the logical
explanation. 

- - - - -

Leaving out the logical perspective and calling a
spade a spade makes it much easier for an
administrator to assess what his configuration
settings will do with these directives. I'll be glad
to expand on this revision of the section if you all
like this contribution. 

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message