Apache's order deny allow setting description _linux

Source: Internet
Author: User
Tags parent directory
So, the most common is:
Order Deny,allow
Allow from all

Note that there is only one comma in the middle of "Deny,allow", and there can be only one comma, and there will be errors in the spaces.

The meaning set above is to set "first check prohibit set, no prohibition of all allow", and the second sentence without deny, that is, no access to prohibit the setting, directly is to allow all access. This is primarily used to ensure or overwrite the settings of the parent directory, and to open access to all content.

As explained above, the following settings are unconditional access forbidden:
Order Allow,deny
Deny from all

If you want to block access to part of the content, all others are open:
Order Deny,allow
Deny from Ip1 ip2
Or
Order Allow,deny
Allow from all
Deny from Ip1 ip2

Apache will decide which rule to use in accordance with the order, such as the second way, although the second sentence allow allow access, but because in order allow is not the final rule, so also need to see if there is a deny rule, so to the third sentence, Interviews with IP1 and IP2 were banned. Note that the "last" rule of the order decision is very important, and here are two examples of errors and how to correct them:

Order Deny,allow
Allow from all
Deny from domain.org
Error: Want to prohibit access from domain.org, but the deny is not the final rule, Apache in the second sentence to deal with the allow has been successful, not to see the third sentence.
Solution: Order Allow,deny, the following two words do not move, you can.

Order Allow,deny
Allow from Ip1
Deny from all
Error: Want to allow only access from IP1, however, although the Allow rule is set in the second sentence, since the Deny is in the order, the third sentence will prevail, and the third sentence contains the ip1 (all include ip1), so all access is prohibited.
Solution One: Remove the third sentence directly.
Workaround Two:
Order Deny,allow
Deny from all
Allow from Ip1

Summary: In order Deny,allow, the latter one is bound to be executed (with the corresponding allow or Deny statements), if not, according to semantic analysis.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.