httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From BAO RuiXian <ruixian....@pp.inet.fi>
Subject Re: [users@httpd] Deny,Allow confusion
Date Sun, 29 May 2005 15:29:35 GMT
Hello, Maxim,

>###
>1. Order Deny,Allow
>2. Deny from all
>3. Allow from dev.example.com
>###
>
>This actually says:
>1. By default allow access to everyone (because it's deny, allow)
>2. Now deny from everyone.
>3. Now allow only to dev.example.com.
>
>So at the end, only users from dev.example.com will receive access to
>the path, correct ?
>
>  
>

I think so.

>If so, why use deny then allow, wouldn't this produce the same result?
>###
>1. Order Allow,Deny
>2. Allow from dev.example.com
>###
>
>  
>

In this case, yes. I think it is same.

>And at general, do I always need use deny & allow, or can I just use
>one of them (like deny) because Apache by default allows access to
>everyone, isn't this the case?
>
>  
>

I think if one is enough, why two. It depends what you want to do.  Also 
as you know already, the directive Order might change the default.

>also, for this, are the two similar?
>
>  
>

I don't think they are same.

>###
><Directory /docroot>
>Order Deny,Allow
>Deny from all
>Allow from env=let_me_in
></Directory>
>###
>
>  
>

This only allows "env=let_me_in", because Allow is evaluated after Deny.

>###
><Directory /docroot>
>Order Allow,Deny
>Allow from env=let_me_in
>Deny from all
></Directory>
>###
>
>  
>

This will deny all hosts, because "Deny from all" will overwrite the 
Allow directive.

>Thank you very much.
>
>  
>

You are welcome.

RuiXian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message