0N/A<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">

2365N/A<HTML>

0N/A<HEAD>

0N/A<TITLE>Access Control by URL</TITLE>

0N/A</HEAD>

0N/A

0N/A<BODY

0N/A BGCOLOR="#FFFFFF"

0N/A TEXT="#000000"

0N/A LINK="#0000FF"

0N/A VLINK="#000080"

0N/A ALINK="#FF0000"

0N/A>

0N/A<H1 ALIGN="CENTER">Access Control by URL</H1>

0N/A

0N/A<h2><a name="location">The <code>&lt;Location&gt;</code> Directive</a></h2>

2365N/A

2365N/A<strong>Syntax:</strong> &lt;Location <em>URL prefix</em>&gt;<br>

2365N/A<strong>Context:</strong> server config, virtual host<br>

0N/A<strong>Status:</strong> core<br>

2365N/A

2365N/A<p>The &lt;Location&gt; directive provides for access control by

URL. It is comparable to the <a

href="mod/core.html#directory">&lt;Directory&gt;</a> directive, and

should be matched with a &lt;/Location&gt; directive. Directives that

apply to the URL given should be listen

within. <code>&lt;Location&gt;</code> sections are processed in the

order they appear in the configuration file, after the

&lt;Directory&gt; sections and <code>.htaccess</code> files are

read.</p>

<p>Note that, due to the way HTTP functions, <em>URL prefix</em>

should, save for proxy requests, be of the form <code>/path/</code>,

and should not include the <code>http://servername</code>. It doesn't

necessarily have to protect a directory (it can be an individual

file, or a number of files), and can include wild-cards. In a wild-card

string, `?' matches any single character, and `*' matches any

sequences of characters.

<p>This functionality is especially useful when combined with the

<code><a href="mod/mod_mime.html#sethandler">SetHandler</a></code>

directive. For example, to enable status requests, but allow them only

from browsers at foo.com, you might use:

<pre>

&lt;Location /status&gt;

SetHandler server-status

order deny,allow

deny from all

allow from .foo.com

&lt;/Location&gt;

</pre>

</BODY>

</HTML>