Access Configuration

Overview

When creating a document tree, NCSA httpd allows you to control certain aspects of the branches (directories) of that tree.

Access
Restrict access to a branch to allowed hosts or authenticated users.
Server features
Branches considered unsafe can be made more secure by disabling certain server functions in those directories.

Methods

There are two methods for controlling access to directories.

Global Access Configuration File (ACF)
A document in your server's conf directory, specified by the Server Configuration directive AccessConfig, controls access to any directory in your tree.
httpd requires that you set up the Global ACF.
Per-directory Access Configuration Files
Within your document tree, files with the name (normally #haccess.ctl) specified by the AccessFileName directive in the Resource Configuration File control access to the directory they are in as well as any subdirectories.
Per-directory ACFs are optional. They can be restricted or completely forbidden by the Global ACF.

Directives

In addition to the general information which applies to all NCSA httpd configuration files, the access control files support the notion of sectioning directives.

This is a list of the directives and sectioning directives used when writing an ACF. Each directive specifies where it can be used, and gives examples of usage.

Additional Information

Please read these guidelines to setting up a secure server.

Marc of NCSA has written a tutorial on User Authentication that may be of interest. Some of the info in this document doesn't pertain to the Windows version.

You will also want to know how to manage users for user authentication.

Return to Configuration Instructions

rdenny@netcom.com