httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Shannon <>
Subject RE: [users@httpd] allow override directive
Date Thu, 15 Jan 2004 19:54:22 GMT
Yes, the require user does still work, and it is 2.0.47 that I am
running this on. 

I thought that my Order directive was already correct for a default deny
policy. "Order deny,allow" - ( from docs; "implements a restrictive
access policy where most hosts are denied and then a smaller subset
given access" ). Wrong? I also tried putting in the netmask, and it
didn't help any. 


On Thu, 2004-01-15 at 11:40, Ben Yau wrote:
> >
> > Hi all,
> >    I have a directory with nearly 2000 user specific directories. Each
> > of these has it's own .htaccess file with a require user specification.
> > I am also restricting these logins by IP address. In the global conf, I
> > have the following;
> >
> > <Directory "/home/apache/*">
> >    Options +Indexes +MultiViews FollowSymLinks
> >    AllowOverride AuthConfig Limit
> >    Order deny,allow
> >    deny from all
> >    Satisfy all
> > </Directory>
> >
> > The "require user" in the .htaccess files works fine, however, when I
> > place an "allow from" in the .htaccess file, it opens the
> > directory up to all IPs instead of just the one. This is only countered
> > if another "deny from all" is placed in the .htaccess file. I was under
> > the impression that unless the deny configuration was overwritten, the
> > global "deny from all" would stick.
> >
> Even though it opens it to all IP's, does the "require user" still working?
> It should since you have the Satisfy all.  If it doesn't, then yeah you
> definitely have some weird scoping thing going on.  That is a strange error
> you are getting.  I would think the Deny would stick but evidently it
> doesn't.  I went through the docs and didn't find much.
> What version of Apache are you using by the way?  I was having some strange
> errors with 2.0.48 with .htaccess and "require" and went back down to 2.0.47
> and things were smooth after that.
> Another suggestion: You may want to consider changing your Order to
> allow,Deny (is there a specific reason you chose deny,allow?).  That way at
> least the default behavior is to deny.
> You might also for kicks try putting in the netmask after the IP in your
> allow and see if that helps.
> Allow from
> Ben

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message