Gecko [ www.jdcpatala.org ]

Name	Size	Permission
access.html	289 B	-rw-r--r--
access.html.en	13.48 KB	-rw-r--r--
access.html.es	14.67 KB	-rw-r--r--
access.html.fr.utf8	14.67 KB	-rw-r--r--
auth.html	538 B	-rw-r--r--
auth.html.en	36.79 KB	-rw-r--r--
auth.html.es	43.08 KB	-rw-r--r--
auth.html.fr.utf8	39.8 KB	-rw-r--r--
auth.html.ja.utf8	44.12 KB	-rw-r--r--
auth.html.ko.euc-kr	20.56 KB	-rw-r--r--
auth.html.tr.utf8	38.35 KB	-rw-r--r--
cgi.html	449 B	-rw-r--r--
cgi.html.en	30.3 KB	-rw-r--r--
cgi.html.es	35.69 KB	-rw-r--r--
cgi.html.fr.utf8	34.22 KB	-rw-r--r--
cgi.html.ja.utf8	35.95 KB	-rw-r--r--
cgi.html.ko.euc-kr	25.81 KB	-rw-r--r--
htaccess.html	568 B	-rw-r--r--
htaccess.html.en	27.4 KB	-rw-r--r--
htaccess.html.es	29.59 KB	-rw-r--r--
htaccess.html.fr.utf8	30.3 KB	-rw-r--r--
htaccess.html.ja.utf8	28.22 KB	-rw-r--r--
htaccess.html.ko.euc-kr	20.17 KB	-rw-r--r--
htaccess.html.pt-br	25.49 KB	-rw-r--r--
http2.html	286 B	-rw-r--r--
http2.html.en	25.65 KB	-rw-r--r--
http2.html.es	28.66 KB	-rw-r--r--
http2.html.fr.utf8	29.4 KB	-rw-r--r--
index.html	550 B	-rw-r--r--
index.html.en	8.42 KB	-rw-r--r--
index.html.es	8.14 KB	-rw-r--r--
index.html.fr.utf8	8.88 KB	-rw-r--r--
index.html.ja.utf8	7.81 KB	-rw-r--r--
index.html.ko.euc-kr	6.29 KB	-rw-r--r--
index.html.zh-cn.utf8	6.47 KB	-rw-r--r--
public_html.html	580 B	-rw-r--r--
public_html.html.en	13.34 KB	-rw-r--r--
public_html.html.es	14.16 KB	-rw-r--r--
public_html.html.fr.utf8	14.29 KB	-rw-r--r--
public_html.html.ja.utf8	15.03 KB	-rw-r--r--
public_html.html.ko.euc-kr	11.2 KB	-rw-r--r--
public_html.html.tr.utf8	14.29 KB	-rw-r--r--
reverse_proxy.html	217 B	-rw-r--r--
reverse_proxy.html.en	20.09 KB	-rw-r--r--
reverse_proxy.html.fr.utf8	21.91 KB	-rw-r--r--
ssi.html	449 B	-rw-r--r--
ssi.html.en	25.57 KB	-rw-r--r--
ssi.html.es	27.52 KB	-rw-r--r--
ssi.html.fr.utf8	27.68 KB	-rw-r--r--
ssi.html.ja.utf8	30.59 KB	-rw-r--r--
ssi.html.ko.euc-kr	22.29 KB	-rw-r--r--

Code Editor : access.html.en

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />

<title>Access Control - Apache HTTP Server Version 2.4</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
<script src="../style/scripts/prettify.min.js" type="text/javascript">
</script>

<p>Access control refers to any means of controlling access to any
    resource. This is separate from <a href="auth.html">authentication and authorization</a>.</p>
</div>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#related">Related Modules and Directives</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#host">Access control by host</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#env">Access control by arbitrary variables</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#rewrite">Access control with mod_rewrite</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#moreinformation">More information</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="related" id="related">Related Modules and Directives</a></h2>

<p>Access control can be done by several different modules. The most
    important of these are <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> and
    <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>. Also discussed in this document
    is access control using <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="host" id="host">Access control by host</a></h2>
    <p>
    If you wish to restrict access to portions of your site based on the
    host address of your visitors, this is most easily done using
    <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.
    </p>

<p>The <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
    provides a variety of different ways to allow or deny access to
    resources. In conjunction with the <code class="directive"><a href="../mod/mod_authz_core.html#requireall">RequireAll</a></code>, <code class="directive"><a href="../mod/mod_authz_core.html#requireany">RequireAny</a></code>, and <code class="directive"><a href="../mod/mod_authz_core.html#requirenone">RequireNone</a></code> directives, these
    requirements may be combined in arbitrarily complex ways, to enforce
    whatever your access policy happens to be.</p>

<div class="warning"><p>
    The <code class="directive"><a href="../mod/mod_access_compat.html#allow">Allow</a></code>,
    <code class="directive"><a href="../mod/mod_access_compat.html#deny">Deny</a></code>, and
    <code class="directive"><a href="../mod/mod_access_compat.html#order">Order</a></code> directives,
    provided by <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code>, are deprecated and
    will go away in a future version. You should avoid using them, and
    avoid outdated tutorials recommending their use.
    </p></div>

<p>The usage of these directives is:</p>

<pre class="prettyprint lang-config">Require host address
Require ip ip.address</pre>

<p>In the first form, <var>address</var> is a fully qualified
    domain name (or a partial domain name); you may provide multiple
    addresses or domain names, if desired.</p>

<p>In the second form, <var>ip.address</var> is an IP address, a
    partial IP address, a network/netmask pair, or a network/nnn CIDR
    specification. Either IPv4 or IPv6 addresses may be used.</p>

<p>See <a href="../mod/mod_authz_host.html#requiredirectives">the
    mod_authz_host documentation</a> for further examples of this
    syntax.</p>

<p>You can insert <code>not</code> to negate a particular requirement.
    Note, that since a <code>not</code> is a negation of a value, it cannot 
    be used by itself to allow or deny a request, as <em>not true</em>
    does not constitute <em>false</em>. Thus, to deny a visit using a negation,
    the block must have one element that evaluates as true or false.
    For example, if you have someone spamming your message
    board, and you want to keep them out, you could do the
    following:</p>

<pre class="prettyprint lang-config">&lt;RequireAll&gt;
    Require all granted
    Require not ip 10.252.46.165
&lt;/RequireAll&gt;</pre>

<p>Visitors coming from that address (<code>10.252.46.165</code>)
    will not be able to see the content covered by this directive. If, 
    instead, you have a machine name, rather than an IP address, you 
    can use that.</p>

<pre class="prettyprint lang-config">Require not host <var>host.example.com</var>
    </pre>

<p>And, if you'd like to block access from an entire domain,
    you can specify just part of an address or domain name:</p>

<pre class="prettyprint lang-config">Require not ip 192.168.205
Require not host phishers.example.com moreidiots.example
Require not host gov</pre>

<p>Use of the <code class="directive"><a href="../mod/mod_authz_core.html#requireall">RequireAll</a></code>, <code class="directive"><a href="../mod/mod_authz_core.html#requireany">RequireAny</a></code>, and <code class="directive"><a href="../mod/mod_authz_core.html#requirenone">RequireNone</a></code> directives may be
    used to enforce more complex sets of requirements.</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="env" id="env">Access control by arbitrary variables</a></h2>

<p>Using the <code class="directive"><a href="../mod/core.html#if">&lt;If&gt;</a></code>,
    you can allow or deny access based on arbitrary environment
    variables or request header values. For example, to deny access
    based on user-agent (the browser type) you might do the
    following:</p>

<pre class="prettyprint lang-config">&lt;If "%{HTTP_USER_AGENT} == 'BadBot'"&gt;
    Require all denied
&lt;/If&gt;</pre>

<p>Using the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
    <code>expr</code> syntax, this could also be written as:</p>

<pre class="prettyprint lang-config">Require expr %{HTTP_USER_AGENT} != 'BadBot'</pre>

<div class="note"><h3>Warning:</h3>
    <p>Access control by <code>User-Agent</code> is an unreliable technique,
    since the <code>User-Agent</code> header can be set to anything at all,
    at the whim of the end user.</p>
    </div>

<p>See <a href="../expr.html">the expressions document</a> for a
    further discussion of what expression syntaxes and variables are
    available to you.</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="rewrite" id="rewrite">Access control with mod_rewrite</a></h2>

<p>The <code>[F]</code> <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> flag causes a 403 Forbidden
    response to be sent. Using this, you can deny access to a resource based
    on arbitrary criteria.</p>

<p>For example, if you wish to block access to a resource between 8pm
    and 7am, you can do this using <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>

<pre class="prettyprint lang-config">RewriteEngine On
RewriteCond "%{TIME_HOUR}" "&gt;=20" [OR]
RewriteCond "%{TIME_HOUR}" "&lt;07"
RewriteRule "^/fridge"     "-" [F]</pre>

<p>This will return a 403 Forbidden response for any request after 8pm
    or before 7am. This technique can be used for any criteria that you wish
    to check. You can also redirect, or otherwise rewrite these requests, if
    that approach is preferred.</p>

<p>The <code class="directive"><a href="../mod/core.html#if">&lt;If&gt;</a></code> directive,
    added in 2.4, replaces many things that <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> has
    traditionally been used to do, and you should probably look there first
    before resorting to mod_rewrite.</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="moreinformation" id="moreinformation">More information</a></h2>

<p>The <a href="../expr.html">expression engine</a> gives you a
    great deal of power to do a variety of things based on arbitrary
    server variables, and you should consult that document for more
    detail.</p>

<p>Also, you should read the <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
    documentation for examples of combining multiple access requirements
    and specifying how they interact.</p>

<p>See also the <a href="auth.html">Authentication and Authorization</a>
    howto.</p>
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/howto/access.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../es/howto/access.html" hreflang="es" rel="alternate" title="Español">&nbsp;es&nbsp;</a> |
<a href="../fr/howto/access.html" hreflang="fr" rel="alternate" title="Français">&nbsp;fr&nbsp;</a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><![CDATA[//><!]]></script></div><div id="footer">
<p class="apache">Copyright 2023 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><![CDATA[//><!]]></script>
</body></html>

${this.title}

Code Editor : access.html.en