httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Yau" <>
Subject RE: [users@httpd] allow override directive
Date Thu, 15 Jan 2004 20:16:18 GMT

> Check the examples out also. I actually read this this morning and had to
> read it about three to four times over to make sure I was
> comprehending what
> it said.  Like you, I thought Order Deny,Allow was the more
> restrictive but
> apparently not.  Because the allow is evaluated last.  So
> theoretically your
> user could put a "allow from all" in his .htaccess file and that
> would allow
> everyone in regardless of your deny and allow. (which is the
> symptom you are
> seeing even though your allow is only from one IP)

Something else interesting along the above line of thought:

Theoretically, if you do

order allow,deny

if you put in "deny from all" no one will be able to visit your site since
deny is evaluated last.   So be careful of that also.

Back to your original question, I'm thinking that there may just be a syntax
error in your Allow statement so that it matches ALL ip addresses instead of
one.  Or else there is another Allow somewhere that is overriding this
specific Allow.  I'm just thinking out loud but perhaps since you have a
wildcard in your <Directory> defintion, perhaps the .htaccess file in the
last matching directory for that wildcard is the overriding .htaccess ?  So
if you happen to have an "Allow from all" in that one .htacces file it could
override all your other ?*/.htaccess files?

Do you even need the wildcard?  SInce it seems like you want all subdirs to
have the same access (since they are usernames) you should be able to just

<Directory "/home/apache/">



cut and paste:

<Directory> and </Directory> are used to enclose a group of directives that
will apply only to the named directory and sub-directories of that


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message