Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Security : Education - Tutorials
Securing your Web server		ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
2. Securing Apache's default configuration
  


The allow and deny directives page 6 of 8


So, how do you control access to a given directory, file, or directory structure? By using the allow and deny directives. These directives can take one of two forms:


allow | deny from address-expression

or 


allow | deny from env=environment-variable

The address-expression can be one of the following: the special keyword ALL, meaning all possible hosts; a full or partial domain name; a full or partial numeric IP address; a network/netmask pair (for example, 192.168.1.0/255.255.255.0); or a CIDR address specification (for example, 127.0.0.0/24).

So the following directive, placed in the global section of httpd.conf:


deny from all
allow from 127.0.0.1

would allow only the resident localhost host to connect to the running Web server.

Now let's add another layer of control to the equation: the order directive.


Main menuSection menuFeedbackPreviousNext
Privacy Legal Contact