[users@httpd] Keeping denial statements from interfering with each other?

[Hadmut Danisch <ha...@danisch.de>]

Hi,

just a problem occuring with an apache server:


The config contains common rules to deny access to particular files,
e.g.

  <Files ~ "\.htaccess$">
    Order allow,deny
    Deny from all
  </Files>


Works as expected.


But now the site was under attack from particular IP addresses. A section

<Location / >
  deny from a.b.c.d/20
</Location

was added with some ip network a.b.c.d.


The strange side effect was that now the .htaccess files became readible 
from
ip addresses other than a.b.c.d, because the Location directive is evaluated
after the Files directive and overrides it in the sense that everything 
from
IP addresses other than a.b.c.d is allowed.

What is the best way to keep such deny clauses from interferring with 
each other?


regards
Hadmut




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org