image\howbutt.gifUsing the access configuration file

The access.conf file is the third file that must be configured to set up an HTTP server. You can configure or reconfigure the access.conf file by setting the value of one or more directives. You can open the access.conf file and change the value of a directive in a text editor. The access.conf file is responsible for setting the security of the HTTP server. For example, you can set the Allow directive to allow an HTTP client with a specific IP address access to the HTTP server. You can also use the Deny directive to prohibit an HTTP client with a specific IP address access to the HTTP server. Listed below are the important directives which appear in the access.conf file.

All the directives that appear in the access.conf file must appear between opening and closing directory tags. You must specify the directory in the opening tag. For example, if you want to specify the /var/www/ directory, you would specify this directory in the opening directory tag. The opening tag must be followed by a closing tag. For example:

<Directory /var/www>

</Directory>

You can specify a directive, which is applicable to the directory, within the directory tags. For example you could insert the AllowOverride directive within the directory tags. For example:

<Directory /var/www>

AllowOverride None

</Directory>

image\nicon.gif Notes

Options

You can set which HTTP server features are available in a particular directory. You can set the Options directive to none, or you can set the Options directive to one or more of the following:

You can set more then one option for the Options directive. In the following example the Indexes and MultiViews options are set:

<Directory /var/www>

Options Indexes MultiViews

</Directory>

You can set the all options except for the MultiViews. Refer to the following:

<Directory /var/www>

Options All

</Directory>

image\nicon.gif Notes

AllowOverride

The HTTP server needs to know which directives declared in the .htaccess file can override access information located in the access.conf file. You can set security settings in a .htaccess file. If security settings defined in the .htaccess file contradict security settings defined in the access.conf file, the HTTP server needs to know which settings in the access.conf file can be overridden. You can set the Override directive to None, in which case the HTTP server does not read the .htaccess file. You can set this directive to one of the following values:

In the following example, the AllowOverride directive is set to None.

<Directory /var/www>

AllowOverride None

</Directory>

image\nicon.gif Notes

Order

You can use the Order directive to determine the order that the Allow and Deny directives are evaluated. The Allow and Deny directives determine which HTTP clients can access a given directory. You can set this directive to one of the following:

In the following example, the Allow directive is evaluated before the Deny directives.

<Directory /var/www/>

Order allow,deny

allow from all

deny from 120.150.8.43

deny from 120.150.106.6

deny from 120.150.4.65

</Directory> 

Allow

You can set the Allow directive to allow an HTTP client access to a specific directory. You can set this directive to one of the following:

In the following example, the Allow directive is set to all. All HTTP clients can access the /var/www directory, except for HTTP clients with the specified IP addresses.

<Directory /var/www>

Order allow,deny

allow from all

deny from 120.150.8.43

deny from 120.150.106.6

deny from 120.150.4.65

</Directory> 

Deny

Setting the Deny directive prohibits an HTTP client from accessing a specified directory. You can deny access to the document root directory to prevent an HTTP client from accessing the Web site. For information about the document root directory, see the DocumentRoot directive in "Using the srm configuration file."

You can set the Deny directive to be one of the following:

In the following example, three IP addresses are prohibited from accessing the /var/www directory. You can multiple Deny directives.

<Directory /var/www/Islands>

Order allow,deny

allow from all

deny from 120.150.8.43

deny from 120.150.106.6

deny from 120.150.4.65

</Directory>