2012/3/26 Téssio Fechine <precheca123@xxxxxxxxxxxx> > > Hello, > I am learning apache, and the ironic part is that reading the apache > documentation on acl reinforced my doubt in this matter. > > In this part: > In the following example, all hosts in the apache.org domain are allowed > access; all other hosts are denied access. > > Order Deny,Allow > Deny from all > Allow from apache.org > > --- > My interpretation on this example: > > Order Deny,Allow (allow everything, unless specifically denied) > Deny from all (deny everything.. kind of contradictory after the last > line) > Allow from apache.org (allow this specific hosts) > > --- > Why not use this, that has fewer steps and seems more logical?: > > Order Allow,Deny (deny by default) > Allow from apache.org (allow this specific hosts) > > I am getting it wrong or what? Why almost every example I see seems kind > of contradictory? The main differences are when you match both allow and deny, or match neither. With "allow,deny", you must match an "allow", and not match any "deny"s to get access, and with "deny,allow", you always get access unless you match a "deny". This allows you to control whether it is more important that if you specifically deny someone that they do not get access, or whether it is more important that if you specifically allow someone that they do get access. Cheers Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|