next up previous contents
Next: Restricting Users Up: NCSA's HTTPD Server Previous: The Server Configuration

The Access Configuration File - access.conf

The file `` access.conf'' allows you to enable access control on your server. By default, any files in the WWW server's directory subtree are accessible.

For instance, a fairly open server with one directory only accessible by people at UCL may have the `` access.conf'' file:

<Directory /www/htdocs>
<Limit GET>
order allow,deny
allow from all
</Limit>
</Directory>

<Directory /www/htdocs/people/secure>
<Limit GET>
order deny,allow
deny from all
allow from .ucl.ac.uk
</Limit>
</Directory>

The file consists of a sequence of <Directory> entries. Each directory entry controls access to the file system subtree rooted at that directory. Each directory entry can also contain access limitations for the different HTTP access methods using the `` Limit'' command. The basic form of access control for each method consists of a list of `` allow'' and `` deny'' entries and, optionally, a set of `` require'' entries for password authorisation. You can allow or deny individual hosts, domains, even countries. For instance the directory `` /www/htdocs/people/secure'' above is only visible to people whose domain matches `` .ucl.ac.uk''. This would therefore allow `` speedy.cs.ucl.ac.uk'' to access the directory, but not `` rodent.jnt.ac.uk''. If two entries (other than the default) match and contradict each other, the order command says which one of the two rules, deny or allow, is applied.





Jon Crowcroft
Wed May 10 11:46:29 BST 1995