httpd-users mailing list archives

From Matthijs van der Klip <>
Subject RE: [users@httpd] nested htaccess files in conjuction with allow/deny
Date Mon, 21 Jun 2004 09:33:28 GMT
On Mon, 21 Jun 2004, Boyle Owen wrote:
> Just to be clear: You are controlling access *only* with mod_access
> (Allow,Deny) and not with Basic Authentication (password protection). I
> mention this because, as you probably know, you can't nest
> Authentication realms.

Only mod_access, no password protection indeed.

> This is a consequence of the "Order Deny,Allow" directive which
> allows by default and which is inherited by the subdir but not overridden
> in the subdir .htaccess.
> I think the root cause is your original "Order" directive is the wrong
> way round. Read the docs for this directive carefully then try:

Alas, this did not resolve my problem:

I changed my (paranoid) settings in the virtualhost to:

  Order Allow,Deny

I changed my settings in test/.htaccess to:

  Order Allow,Deny
  Allow from

Settings in test/test2/.htaccess were left unmodified:

  Allow from

Exact same result as before, access to anybody is granted in test/test2. 
When I remove the test/test2/.htaccess (or comment the Allow line), access 
is granted to everyone on the test/.htaccess list.

Additionally I tried removing the 'Order Allow,Deny' line from 
test/.htaccess as it is already present in my virtualhost definition. I 
get similar results to the nesting of htaccess files: access is granted to 
anybody in test/ even though the virtual host definition says 'Order 

It seems to me like any new use of mod_access leads to a reset of the 
previous settings: test/.htaccess resetting virtualhost settings, 
test/test2/.htaccess resetting test/.htaccess settings...

Thanks in advance,

Matthijs van der Klip
System Administrator
Spill E-Projects
The Netherlands

The official User-To-User support forum of the Apache HTTP Server Project.
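
The nesting described in the message above, laid out as configuration (an added example, not part of the original post). It assumes, as the poster observes, that a section using any mod_access directive does not inherit mod_access settings from the enclosing section; the addresses are constructed placeholders from the documentation ranges, since the original values are not shown.

```apache
# Constructed example. 192.0.2.0/24 and 198.51.100.7 are placeholder
# addresses, not values from the original message.

# --- test/.htaccess ---
# Order Allow,Deny: access is denied by default and granted only to
# clients matching an Allow line.
Order Allow,Deny
Allow from 192.0.2.0/24

# --- test/test2/.htaccess, as described in the message ---
# Only an Allow line, no Order. Assumption: nothing is inherited from
# test/.htaccess, so evaluation falls back to the module default,
# Order Deny,Allow, which admits every client no Deny line matches.
# With no Deny line present, everybody is let in.
Allow from 198.51.100.7

# --- test/test2/.htaccess, self-contained form ---
# Restating Order here makes the file independent of whatever is or
# is not inherited: default deny, one client allowed.
Order Allow,Deny
Allow from 198.51.100.7
```

A quick check for this class of problem is to request the subdirectory from an address that appears on no Allow line and confirm the server answers 403.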