views:

172

answers:

1

Apache's Order/Allow/Deny directives are permitted within a <Directory> context. What happens when a set of these directives is present within a <Directory> for the current directory and within a <Directory> for a parent?

http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order gives an order - Allow and Deny are evaluated depending on the Order directive.

http://httpd.apache.org/docs/2.2/mod/core.html#directory gives another order - <Directory> directives are applied "shortest match first".

Which of these takes precedence?

Considering the first order, if we have "Order Allow, Deny", the link says "First, all Allow directives are evaluated [...] Next, all Deny directives are evaluated. If any matches, the request is rejected" - does this include Allow/Deny directives within <Directory> directives for parents? Does a Deny in a parent directory thus override an "Allow" in the current directory?

A: 

See comment on question.

Paul Baker