Skip to Main Content
Apache 2 Pocket Reference
book

Apache 2 Pocket Reference

by Andrew Ford
October 2008
Intermediate to advanced content levelIntermediate to advanced
204 pages
3h 2m
English
O'Reilly Media, Inc.
Content preview from Apache 2 Pocket Reference

Chapter 4. Access Controls

Access to resources can be restricted by authorization rules based on an authenticated user and by non-user-based access controls. If non-user-based access controls are specified, they are applied first. Authentication is only performed if needed to evaluate authorization rules specified with Require directives. Access controls and authorization rules can be restricted to particular HTTP methods by enclosing them in <Limit> or <LimitExcept> blocks.

Access controls can also be implemented with mod_rewrite, and the mod_ssl module provides SSL-based access control features.

Non-User-Based Access Controls

The mod_authz_host module implements non-user-based access controls. These are usually host-based but can also be tied to environment variables. Hosts are specified by full or partial domain names, full or partial IP addresses, network/netmask pairs, or network/prefix-length pairs.

If authorization rules and non-user-based access controls are specified, the Satisfy directive determines whether requests have to satisfy either or both; authentication and authorization will be skipped if, having evaluated the access controls, Apache can determine definitively whether access is allowed or denied.

Allow

DH* (Limit)

mod_authz_host (B)

Allow from  { all | { host | env=var } ... }

Allows requests to a resource from the specified hosts or with the specified environment variable set.

Deny

DH* (Limit)

mod_authz_host (B)

Deny from  { all | { host | env=var } ... }

Denies requests to ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Learning Apache mod_rewrite

Learning Apache mod_rewrite

Daryl Wood
Sams Teach Yourself Apache 2 in 24 Hours

Sams Teach Yourself Apache 2 in 24 Hours

Daniel López Ridruejo, Ian Kallen

Publisher Resources

ISBN: 9780596154899Errata Page