Reputation: 41
What could cause deny,allow directive to be ignored in .htaccess?
I cannot get allow and deny directives to work from an htaccess file within any directory in my web root. I am at a loss as to where I should look to configure this. I have checked the obvious (authz modules are loaded, allow overrides is set to all) Any ideas? Here are my configuration details.
I have an Apache 2.2 server running on RHEL. Within this server I have an IP based VirtualHost that is configured like where myipaddr and myserver are the actual IP address and host name respectively:
<VirtualHost myipaddr:80>
ServerName myserver
TransferLog /var/log/httpd/myserver.access
LogFormat loadbalanced
ErrorLog /var/log/httpd/myserver.error
DocumentRoot /var/www/myserver
<Directory /var/www/myserver>
Options -Indexes FollowSymLinks
AllowOverride All
</Directory>
</VirtualHost>
I have tried more complex directives but even a simple .htaccess file that should deny everything has no effect.
Order deny,allow
Deny from all
Upvotes: 1
Views: 1021
Answers (1)
Reputation: 41
It turns out the was a configuration file in /etc/httpd/conf.d that I did not realize was getting loaded and it was trumping the denies and allows within specific directories.
<Location />
Order allow,deny
Allow from all
<LimitExcept GET POST PUT DELETE>
Deny from all
</LimitExcept>
</Location>
Upvotes: 2
Related Questions
- .htaccess deny from all
- .htaccess, order allow, deny, deny from all: confusion
- order deny,allow not working in htaccess
- .htaccess deny from all doesn't work
- htaccess use of Order Deny,Allow
- Apache 2.4 .htaccess file doesn't deny access
- .htaccess deny from all BUT server
- .htaccess access restriction not working
- Access despite deny from entry in htaccess
- .htaccess deny all, except?