On Sat, 5 Feb 2005 johnsuth@xxxxxxxxxxxxx wrote:
For the tag http_access, my .conf says:-
"NOTE on default values: If there are no 'access' lines present, the default is to deny the request."
This implies DENY BY DEFAULT which is a common convention in this context.
No it does not. Read the first part of that sentence again.
However all following text contradicts that. e.g.:-
"If none of the access lines causes a 'match', the default is the opposite of the last line in the list. If the last line was deny, then the default is allow. Conversly, if the last line is allow, the default will be deny. For these reasons, it is a good idea to have an 'deny all' or 'allow all' entry at the end of your access lists to avoid POTENTIAL CONFUSION."
I see no contradiction here.
If you have no http_access rules AT ALL all requests will be denied as you have not configured the access controls.
If you have http_access lines but none matches the request the action the opposite of your last http_access rule.
Regards Henrik
