You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Maxim Vexler <hq...@gmail.com> on 2005/05/29 16:40:08 UTC
[users@httpd] Deny,Allow confusion
(A basic question I assume)
For this configuration:
###
1. Order Deny,Allow
2. Deny from all
3. Allow from dev.example.com
###
This actually says:
1. By default allow access to everyone (because it's deny, allow)
2. Now deny from everyone.
3. Now allow only to dev.example.com.
So at the end, only users from dev.example.com will receive access to
the path, correct ?
If so, why use deny then allow, wouldn't this produce the same result?
###
1. Order Allow,Deny
2. Allow from dev.example.com
###
And at general, do I always need use deny & allow, or can I just use
one of them (like deny) because Apache by default allows access to
everyone, isn't this the case?
Could someone please clarify things a bit, I'm quite confused with
this deny,allow combinations.
also, for this, are the two similar?
###
<Directory /docroot>
Order Deny,Allow
Deny from all
Allow from env=let_me_in
</Directory>
###
###
<Directory /docroot>
Order Allow,Deny
Allow from env=let_me_in
Deny from all
</Directory>
###
Thank you very much.
--
Cheers,
Maxim Vexler (hq4ever).
Do u GNU ?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Deny,Allow confusion
Posted by BAO RuiXian <ru...@pp.inet.fi>.
Hello, Maxim,
>###
>1. Order Deny,Allow
>2. Deny from all
>3. Allow from dev.example.com
>###
>
>This actually says:
>1. By default allow access to everyone (because it's deny, allow)
>2. Now deny from everyone.
>3. Now allow only to dev.example.com.
>
>So at the end, only users from dev.example.com will receive access to
>the path, correct ?
>
>
>
I think so.
>If so, why use deny then allow, wouldn't this produce the same result?
>###
>1. Order Allow,Deny
>2. Allow from dev.example.com
>###
>
>
>
In this case, yes. I think it is same.
>And at general, do I always need use deny & allow, or can I just use
>one of them (like deny) because Apache by default allows access to
>everyone, isn't this the case?
>
>
>
I think if one is enough, why two. It depends what you want to do. Also
as you know already, the directive Order might change the default.
>also, for this, are the two similar?
>
>
>
I don't think they are same.
>###
><Directory /docroot>
>Order Deny,Allow
>Deny from all
>Allow from env=let_me_in
></Directory>
>###
>
>
>
This only allows "env=let_me_in", because Allow is evaluated after Deny.
>###
><Directory /docroot>
>Order Allow,Deny
>Allow from env=let_me_in
>Deny from all
></Directory>
>###
>
>
>
This will deny all hosts, because "Deny from all" will overwrite the
Allow directive.
>Thank you very much.
>
>
>
You are welcome.
RuiXian
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org