mod_access.html revision 1b55e9e0a3c5fb40d9e46d3e6f711516a9a807fa
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<html xmlns="http://www.w3.org/TR/xhtml1/strict"><head><!--
fa11a1e5d812c442cfc865cfdcf9934074d35b7fvboxsyncXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync This file is generated from xml source: DO NOT EDIT
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsyncXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync--><title>mod_access - Apache HTTP Server</title><link href="/style/manual.css" type="text/css" rel="stylesheet"/></head><body><blockquote><div align="center"><img alt="[APACHE DOCUMENTATION]" src="/images/sub.gif"/><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Apache Module mod_access</h1><table cellspacing="1" cellpadding="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td valign="top"><span class="help">Description:</span></td><td><description>Provides access control based on client hostname, IP
1c94c0a63ba68be1a7b2c640e70d7a06464e4fcavboxsyncaddress, or other characteristics of the client request.</description></td></tr><tr><td><a href="module-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="module-dict.html#ModuleIdentifier" class="help">Module Identifier:</a></td><td>access_module</td></tr></table></td></tr></table><h2>Summary</h2><summary>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>The directives provided by mod_access are used in <a href="core.html#directory" class="directive"><code class="directive"><Directory></code></a>, <a href="core.html#files" class="directive"><code class="directive"><Files></code></a>, and <a href="core.html#location" class="directive"><code class="directive"><Location></code></a> sections as well as
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <code><a href="core.html#accessfilename">.htaccess</a></code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync files to control access to particular parts of the server. Access
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync can be controlled based on the client hostname, IP address, or
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync other characteristics of the client request, as captured in <a href="/env.html">environment variables</a>. The <a href="#allow" class="directive"><code class="directive">Allow</code></a> and <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives are used to
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync specify which clients are or are not allowed access to the server,
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync while the <a href="#order" class="directive"><code class="directive">Order</code></a>
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync directive sets the default access state, and configures how the
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync <a href="#allow" class="directive"><code class="directive">Allow</code></a> and <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives interact with each
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync <p>Both host-based access restrictions and password-based
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync authentication may be implemented simultaneously. In that case,
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync the <a href="core.html#satisfy" class="directive"><code class="directive">Satisfy</code></a> directive is used
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync to determine how the two sets of restrictions interact.</p>
a16eb14ad7a4b5ef91ddc22d3e8e92d930f736fcvboxsync <p>In general, access restriction directives apply to all
1c94c0a63ba68be1a7b2c640e70d7a06464e4fcavboxsync access methods (<code>GET</code>, <code>PUT</code>,
1c94c0a63ba68be1a7b2c640e70d7a06464e4fcavboxsync <code>POST</code>, etc). This is the desired behavior in most
1c94c0a63ba68be1a7b2c640e70d7a06464e4fcavboxsync cases. However, it is possible to restrict some methods, while
1c94c0a63ba68be1a7b2c640e70d7a06464e4fcavboxsync leaving other methods unrestricted, by enclosing the directives
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync in a <a href="core.html#limit" class="directive"><code class="directive"><Limit></code></a> section.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync</summary><p><strong>See also </strong></p><ul><li><a href="core.html#satisfy" class="directive"><code class="directive">Satisfy</code></a></li><li><a href="core.html#require" class="directive"><code class="directive">Require</code></a></li></ul><h2>Directives</h2><ul><li><a href="#allow">Allow</a></li><li><a href="#deny">Deny</a></li><li><a href="#order">Order</a></li></ul><hr/><h2><a name="Allow">Allow</a> <a name="allow">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Controls which hosts can access an area of the
616637905fa2f00febb1acd553136d7e56316f7cvboxsyncserver</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td><syntax> Allow from
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync [<em>host</em>|env=<em>env-variable</em>] ...</syntax></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>Limit</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_access</td></tr></table></td></tr></table><usage>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>The <code class="directive">Allow</code> directive affects which hosts can
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync access an area of the server. Access can be controlled by
d4735b69b7264bd158f61b9678d0c0dc1847904bvboxsync hostname, IP Address, IP Address range, or by other
d4735b69b7264bd158f61b9678d0c0dc1847904bvboxsync characteristics of the client request captured in environment
d4735b69b7264bd158f61b9678d0c0dc1847904bvboxsync variables.</p>
e06869a7894f42fb14132654a755832b63e1381dvboxsync <p>The first argument to this directive is always
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <code>from</code>. The subsequent arguments can take three
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync different forms. If <code>Allow from all</code> is specified, then
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync all hosts are allowed access, subject to the configuration of the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <a href="#deny" class="directive"><code class="directive">Deny</code></a> and <a href="#order" class="directive"><code class="directive">Order</code></a> directives as discussed
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync below. To allow only particular hosts or groups of hosts to access
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync the server, the <em>host</em> can be specified in any of the
e06869a7894f42fb14132654a755832b63e1381dvboxsync following formats:</p>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <dd>Example: <code>Allow from apache.org</code><br>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync Hosts whose names match, or end in, this string are allowed
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync access. Only complete components are matched, so the above
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync example will match <code>foo.apache.org</code> but it will
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync not match <code>fooapache.org</code>. This configuration will
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync cause the server to perform a reverse DNS lookup on the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync client IP address, regardless of the setting of the <a href="core.html#hostnamelookups" class="directive"><code class="directive">HostnameLookups</code></a>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync directive.</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync An IP address of a host allowed access</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync The first 1 to 3 bytes of an IP address, for subnet
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync restriction.</dd>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync fine-grained subnet restriction.</dd>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <dd>Example: <code>Allow from 10.1.0.0/16</code><br>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync Similar to the previous case, except the netmask consists of
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync nnn high-order 1 bits.</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>Note that the last three examples above match exactly the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync same set of hosts.</p>
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <p>IPv6 addresses and IPv6 subnets can be specified as shown
67a2fc8894a98a9db6668119ce9c3d07823da7c8vboxsync <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Allow from fe80::a00:20ff:fea7:ccea<br>
67a2fc8894a98a9db6668119ce9c3d07823da7c8vboxsync <p>The third format of the arguments to the
67a2fc8894a98a9db6668119ce9c3d07823da7c8vboxsync <code class="directive">Allow</code> directive allows access to the server
e06869a7894f42fb14132654a755832b63e1381dvboxsync to be controlled based on the existence of an <a href="/env.html">environment variable</a>. When <code>Allow from
67a2fc8894a98a9db6668119ce9c3d07823da7c8vboxsync env=</code><em>env-variable</em> is specified, then the request is
e06869a7894f42fb14132654a755832b63e1381dvboxsync allowed access if the environment variable <em>env-variable</em>
e06869a7894f42fb14132654a755832b63e1381dvboxsync exists. The server provides the ability to set environment
e06869a7894f42fb14132654a755832b63e1381dvboxsync variables in a flexible way based on characteristics of the client
67a2fc8894a98a9db6668119ce9c3d07823da7c8vboxsync request using the directives provided by
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <code><a href="mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync used to allow access based on such factors as the clients
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <code>User-Agent</code> (browser type), <code>Referer</code>, or
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync other HTTP request header fields.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><p align="center"><strong>Example:</strong></p><code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<Directory /docroot><br>
e06869a7894f42fb14132654a755832b63e1381dvboxsync Order Deny,Allow<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Deny from all<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Allow from env=let_me_in<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync</Directory>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>In this case, browsers with a user-agent string beginning
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync with <code>KnockKnock/2.0</code> will be allowed access, and all
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync others will be denied.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync</usage><hr/><h2><a name="Deny">Deny</a> <a name="deny">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Controls which hosts are denied access to the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsyncserver</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td><syntax> Deny from
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync [<em>host</em>|env=<em>env-variable</em>] ...</syntax></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>Limit</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_access</td></tr></table></td></tr></table><usage>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>This directive allows access to the server to be restricted
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync based on hostname, IP address, or environment variables. The
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync arguments for the <code class="directive">Deny</code> directive are
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync identical to the arguments for the <a href="#allow" class="directive"><code class="directive">Allow</code></a> directive.</p>
492c3ab08ac2c0d7e87d626f4422d9a8cb0b9b2avboxsync</usage><hr/><h2><a name="Order">Order</a> <a name="order">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Controls the default access state and the order in which
492c3ab08ac2c0d7e87d626f4422d9a8cb0b9b2avboxsyncAllow and Deny are
492c3ab08ac2c0d7e87d626f4422d9a8cb0b9b2avboxsyncevaluated.</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td><syntax> Order <em>ordering</em></syntax></td></tr><tr><td><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Order Deny,Allow</code></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>Limit</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_access</td></tr></table></td></tr></table><usage>
492c3ab08ac2c0d7e87d626f4422d9a8cb0b9b2avboxsync <p>The <code class="directive">Order</code> directive controls the default
492c3ab08ac2c0d7e87d626f4422d9a8cb0b9b2avboxsync access state and the order in which <a href="#allow" class="directive"><code class="directive">Allow</code></a> and <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives are evaluated.
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <dd>The <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync are evaluated before the <a href="#allow" class="directive"><code class="directive">Allow</code></a> directives. Access is
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync allowed by default. Any client which does not match a
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <a href="#deny" class="directive"><code class="directive">Deny</code></a> directive or does
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync match an <a href="#allow" class="directive"><code class="directive">Allow</code></a>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync directive will be allowed access to the server.</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <dd>The <a href="#allow" class="directive"><code class="directive">Allow</code></a>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync directives are evaluated before the <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives. Access is denied
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync by default. Any client which does not match an <a href="#allow" class="directive"><code class="directive">Allow</code></a> directive or does match a
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <a href="#deny" class="directive"><code class="directive">Deny</code></a> directive will be
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync denied access to the server.</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <dd>Only those hosts which appear on the <a href="#allow" class="directive"><code class="directive">Allow</code></a> list and do not appear on
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync the <a href="#deny" class="directive"><code class="directive">Deny</code></a> list are
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync granted access. This ordering has the same effect as <code>Order
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Allow,Deny</code> and is deprecated in favor of that
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync configuration.</dd>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>Keywords may only be separated by a comma; no whitespace is
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync allowed between them. Note that in all cases every <a href="#allow" class="directive"><code class="directive">Allow</code></a> and <a href="#deny" class="directive"><code class="directive">Deny</code></a> statement is evaluated.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>In the following example, all hosts in the apache.org domain
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync are allowed access; all other hosts are denied access.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Order Deny,Allow<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Deny from all<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>In the next example, all hosts in the apache.org domain are
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync allowed access, except for the hosts which are in the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync foo.apache.org subdomain, who are denied access. All hosts not
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync in the apache.org domain are denied access because the default
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync state is to deny access to the server.</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Order Allow,Deny<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>On the other hand, if the <code>Order</code> in the last
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync example is changed to <code>Deny,Allow</code>, all hosts will
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync be allowed access. This happens because, regardless of the
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync actual ordering of the directives in the configuration file,
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync the <code>Allow from apache.org</code> will be evaluated last
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync and will override the <code>Deny from foo.apache.org</code>.
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync All hosts not in the <code>apache.org</code> domain will also
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync be allowed access because the default state will change to
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>The presence of an <code>Order</code> directive can affect
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync access to a part of the server even in the absence of accompanying
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <a href="#allow" class="directive"><code class="directive">Allow</code></a> and <a href="#deny" class="directive"><code class="directive">Deny</code></a> directives because of its effect
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync on the default access state. For example,</p>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <Directory /www><br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync Order Allow,Deny<br>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync </Directory>
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync <p>will deny all access to the <code>/www</code> directory
4af0145a7d43b507e1ff74aa1e3b8d489a2078d7vboxsync because the default access state will be set to
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <p>The <code class="directive">Order</code> directive controls the order of access
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync directive processing only within each phase of the server's
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync configuration processing. This implies, for example, that an
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <a href="#allow" class="directive"><code class="directive">Allow</code></a> or <a href="#deny" class="directive"><code class="directive">Deny</code></a> directive occurring in a
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <a href="core.html#location" class="directive"><code class="directive"><Location></code></a> section will
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync always be evaluated after an <a href="#allow" class="directive"><code class="directive">Allow</code></a> or <a href="#deny" class="directive"><code class="directive">Deny</code></a> directive occurring in a
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <a href="core.html#directory" class="directive"><code class="directive"><Directory></code></a> section or
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <code>.htaccess</code> file, regardless of the setting of the
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync <code class="directive">Order</code> directive. For details on the merging
bd9987a5cea6755c011b29a419474e093a75d97cvboxsync of configuration sections, see the documentation on <a href="/sections.html">How Directory, Location and Files sections
