httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aaron.dun...@centrelink.gov.au
Subject [users@httpd] Question on authentication order in mod_access
Date Wed, 21 Apr 2004 23:52:40 GMT
Hi,

I was wondering if someone could please clear up some confusion I have 
regarding the directives for the mod_access module.

I have looked at the following URL for information on the 'Order' 
directive:

        http://httpd.apache.org/docs-2.0/mod/mod_access.html#order

and this states that:

        for "Order deny,allow" access is allowed by default
and
        for "Order allow,deny" access is denied by default

>From that info I would expect that, should I wish to only allow access to 
apache.org (and deny all others) I would use the following entries:

        Order allow,deny
        Allow from apache.org

However, the examples provided use the following entries:

        Order deny,allow
        Deny from all
        Allow from apache.org

So, my questions are essentially:

        a) which option is more efficient?:
                - use the "fall through" default access to deny anything 
not matched (with the "allow,deny" ordering)
             or
                - explicitly deny everyone and then allow apache.org

        b) are there any other reasons, apart from efficiency, that one 
method should be chosen over another

I apologise if this question has been covered before; I was unable to 
locate my answer in the FAQs or in the archives before posting.

regards,
Aaron Duncan


Important:  This e-mail is intended for the use of the addressee and may contain information
that is confidential, commercially valuable or subject to legal or parliamentary privilege.
 If you are not the intended recipient you are notified that any review, re-transmission,
disclosure, use or dissemination of this communication is strictly prohibited by several Commonwealth
Acts of Parliament.  If you have received this communication in error please notify the sender
immediately and delete all copies of this transmission together with any attachments.


Mime
View raw message