[APACHE DOCUMENTATION]

Module mod_access

This module is contained in the mod_access.c file, and is compiled in by default. It provides access control based on client hostname or IP address.
  • allow
  • deny
  • order

  • allow

    Syntax: allow from host host ...
    Context: directory, .htaccess
    Override: Limit
    Status: Base
    Module: mod_access

    The allow directive affects which hosts can access a given directory; it is typically used within a <Limit> section. Host is one of the following:

    all
    all hosts are allowed access
    A (partial) domain-name
    host whose name is, or ends in, this string are allowed access.
    A full IP address
    An IP address of a host allowed access
    A partial IP address
    The first 1 to 3 bytes of an IP address, for subnet restriction.
    Example:
    allow from .ncsa.uiuc.edu
    All hosts in the specified domain are allowed access.

    Note that this compares whole components; bar.edu would not match foobar.edu.

    See also deny and order.


    deny

    Syntax: deny from host host ...
    Context: directory, .htaccess
    Override: Limit
    Status: Base
    Module: mod_access

    The deny directive affects which hosts can access a given directory; it is typically used within a <Limit> section. Host is one of the following:

    all
    all hosts are denied access
    A (partial) domain-name
    host whose name is, or ends in, this string are denied access.
    A full IP address
    An IP address of a host denied access
    A partial IP address
    The first 1 to 3 bytes of an IP address, for subnet restriction.
    Example:
    deny from 16
    All hosts in the specified network are denied access.

    Note that this compares whole components; bar.edu would not match foobar.edu.

    See also allow and order.


    order

    Syntax: order ordering
    Default: order deny,allow
    Context: directory, .htaccess
    Override: Limit
    Status: Base
    Module: mod_access

    The order directive controls the order in which allow and deny directives are evaluated. Ordering is one of

    deny,allow
    the deny directives are evaluated before the allow directives.
    allow,deny
    the allow directives are evaluated before the deny directives.
    mutual-failure
    Only those hosts which appear on the allow list and do not appear on the deny list are granted access.
    Example:
    order deny,allow deny from all allow from .ncsa.uiuc.edu
    Hosts in the ncsa.uiuc.edu domain are allowed access; all other hosts are denied access.
    The manual translated into Japanese is here.

    Index Home