httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hadmut Danisch <>
Subject [users@httpd] Keeping denial statements from interfering with each other?
Date Sun, 06 Jan 2008 11:54:15 GMT

just a problem occuring with an apache server:

The config contains common rules to deny access to particular files,

  <Files ~ "\.htaccess$">
    Order allow,deny
    Deny from all

Works as expected.

But now the site was under attack from particular IP addresses. A section

<Location / >
  deny from a.b.c.d/20

was added with some ip network a.b.c.d.

The strange side effect was that now the .htaccess files became readible 
ip addresses other than a.b.c.d, because the Location directive is evaluated
after the Files directive and overrides it in the sense that everything 
IP addresses other than a.b.c.d is allowed.

What is the best way to keep such deny clauses from interferring with 
each other?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message