mod_access.xml revision e942c741056732f50da2074b36fe59805d370650
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
<modulesynopsis>

<name>mod_access</name>

<description>Provides access control based on client hostname, IP
address, or other characteristics of the client request.</description>

<status>Base</status>
<sourcefile>mod_access.c</sourcefile>
<identifier>access_module</identifier>

<summary>
    <p>The directives provided by mod_access are used in <directive
    module="core" type="section">Directory</directive>, <directive
    module="core" type="section">Files</directive>, and <directive
    module="core" type="section">Location</directive> sections as well as
    <code><a href="core.html#accessfilename">.htaccess</a></code>
    files to control access to particular parts of the server. Access
    can be controlled based on the client hostname, IP address, or
    other characteristics of the client request, as captured in <a
    href="/env.html">environment variables</a>. The <directive
    module="mod_access">Allow</directive> and <directive
    module="mod_access">Deny</directive> directives are used to
    specify which clients are or are not allowed access to the server,
    while the <directive module="mod_access">Order</directive>
    directive sets the default access state, and configures how the
    <directive module="mod_access">Allow</directive> and <directive
    module="mod_access">Deny</directive> directives interact with each
    other.</p>

    <p>Both host-based access restrictions and password-based
    authentication may be implemented simultaneously. In that case,
    the <directive module="core">Satisfy</directive> directive is used
    to determine how the two sets of restrictions interact.</p>

    <p>In general, access restriction directives apply to all
    access methods (<code>GET</code>, <code>PUT</code>,
    <code>POST</code>, etc.). This is the desired behavior in most
    cases. However, it is possible to restrict some methods, while
    leaving other methods unrestricted, by enclosing the directives
    in a <directive module="core" type="section">Limit</directive> section.</p>
</summary>

<seealso><directive module="core">Satisfy</directive></seealso>
<seealso><directive module="core">Require</directive></seealso>

<directivesynopsis>
<name>Allow</name>

<description>Controls which hosts can access an area of the
server</description>
<syntax> Allow from
    all|<em>host</em>|env=<em>env-variable</em>
    [<em>host</em>|env=<em>env-variable</em>] ...</syntax>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>Limit</override>

<usage>

    <p>The <directive>Allow</directive> directive affects which hosts can
    access an area of the server. Access can be controlled by
    hostname, IP address, IP address range, or by other
    characteristics of the client request captured in environment
    variables.</p>

    <p>The first argument to this directive is always
    <code>from</code>. The subsequent arguments can take three
    different forms. If <code>Allow from all</code> is specified, then
    all hosts are allowed access, subject to the configuration of the
    <directive module="mod_access">Deny</directive> and <directive
    module="mod_access">Order</directive> directives as discussed
    below. To allow only particular hosts or groups of hosts to access
    the server, the <em>host</em> can be specified in any of the
    following formats:</p>

    <dl>
      <dt>A (partial) domain-name</dt>

      <dd>Example: <code>Allow from apache.org</code><br />
      Hosts whose names match, or end in, this string are allowed
      access. Only complete components are matched, so the above
      example will match <code>foo.apache.org</code> but it will
      not match <code>fooapache.org</code>. This configuration will
      cause the server to perform a reverse DNS lookup on the
      client IP address, regardless of the setting of the <directive
      module="core">HostnameLookups</directive>
      directive.</dd>

      <dt>A full IP address</dt>

      <dd>Example: <code>Allow from 10.1.2.3</code><br />
      An IP address of a host allowed access.</dd>

      <dt>A partial IP address</dt>

      <dd>Example: <code>Allow from 10.1</code><br />
      The first 1 to 3 bytes of an IP address, for subnet
      restriction.</dd>

      <dt>A network/netmask pair</dt>

      <dd>Example: <code>Allow from
      10.1.0.0/255.255.0.0</code><br />
      A network a.b.c.d and a netmask w.x.y.z, for more
      fine-grained subnet restriction.</dd>

      <dt>A network/nnn CIDR specification</dt>

      <dd>Example: <code>Allow from 10.1.0.0/16</code><br />
      Similar to the previous case, except the netmask consists of
      nnn high-order 1 bits.</dd>
    </dl>

    <p>Note that the last three examples above match exactly the
    same set of hosts.</p>

    <p>IPv6 addresses and IPv6 subnets can be specified as shown
    below:</p>

    <example>
       Allow from fe80::a00:20ff:fea7:ccea<br />
       Allow from fe80::a00:20ff:fea7:ccea/10
    </example>

    <p>The third format of the arguments to the
    <directive>Allow</directive> directive allows access to the server
    to be controlled based on the existence of an <a
    href="/env.html">environment variable</a>. When <code>Allow from
    env=</code><em>env-variable</em> is specified, then the request is
    allowed access if the environment variable <em>env-variable</em>
    exists. The server provides the ability to set environment
    variables in a flexible way based on characteristics of the client
    request using the directives provided by
    <module>mod_setenvif</module>. Therefore, this directive can be
    used to allow access based on such factors as the client's
    <code>User-Agent</code> (browser type), <code>Referer</code>, or
    other HTTP request header fields.</p>

<example>
<title>Example:</title>
SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
&lt;Directory /docroot&gt;<br />
&nbsp;&nbsp; Order Deny,Allow<br />
&nbsp;&nbsp; Deny from all<br />
&nbsp;&nbsp; Allow from env=let_me_in<br />
&lt;/Directory&gt;
</example>

    <p>In this case, browsers with a user-agent string beginning
    with <code>KnockKnock/2.0</code> will be allowed access, and all
    others will be denied.</p>
</usage>

</directivesynopsis>

<directivesynopsis>

<name>Deny</name>

<description>Controls which hosts are denied access to the
server</description>

<syntax> Deny from
    all|<em>host</em>|env=<em>env-variable</em>
    [<em>host</em>|env=<em>env-variable</em>] ...</syntax>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>Limit</override>

<usage>
    <p>This directive allows access to the server to be restricted
    based on hostname, IP address, or environment variables. The
    arguments for the <directive>Deny</directive> directive are
    identical to the arguments for the <directive
    module="mod_access">Allow</directive> directive.</p>
</usage>

</directivesynopsis>

<directivesynopsis>

<name>Order</name>

<description>Controls the default access state and the order in which
<directive>Allow</directive> and <directive>Deny</directive> are
evaluated.</description>

<syntax> Order <em>ordering</em></syntax>
<default>Order Deny,Allow</default>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>Limit</override>

<usage>

    <p>The <directive>Order</directive> directive controls the default
    access state and the order in which <directive
    module="mod_access">Allow</directive> and <directive
    module="mod_access">Deny</directive> directives are evaluated.
    <em>Ordering</em> is one of:</p>

    <dl>
      <dt>Deny,Allow</dt>

      <dd>The <directive module="mod_access">Deny</directive> directives
      are evaluated before the <directive
      module="mod_access">Allow</directive> directives. Access is
      allowed by default. Any client which does not match a
      <directive module="mod_access">Deny</directive> directive or does
      match an <directive module="mod_access">Allow</directive>
      directive will be allowed access to the server.</dd>

      <dt>Allow,Deny</dt>

      <dd>The <directive module="mod_access">Allow</directive>
      directives are evaluated before the <directive
      module="mod_access">Deny</directive> directives. Access is denied
      by default. Any client which does not match an <directive
      module="mod_access">Allow</directive> directive or does match a
      <directive module="mod_access">Deny</directive> directive will be
      denied access to the server.</dd>

      <dt>Mutual-failure</dt>

      <dd>Only those hosts which appear on the <directive
      module="mod_access">Allow</directive> list and do not appear on
      the <directive module="mod_access">Deny</directive> list are
      granted access. This ordering has the same effect as <code>Order
      Allow,Deny</code> and is deprecated in favor of that
      configuration.</dd>
    </dl>

    <p>Keywords may only be separated by a comma; no whitespace is
    allowed between them. Note that in all cases every <directive
    module="mod_access">Allow</directive> and <directive
    module="mod_access">Deny</directive> statement is evaluated.</p>

    <p>In the following example, all hosts in the apache.org domain
    are allowed access; all other hosts are denied access.</p>

<example>
    Order Deny,Allow<br />
    Deny from all<br />
    Allow from apache.org<br />
</example>

    <p>In the next example, all hosts in the apache.org domain are
    allowed access, except for the hosts in the
    foo.apache.org subdomain, which are denied access. All hosts not
    in the apache.org domain are denied access because the default
    state is to deny access to the server.</p>

<example>
    Order Allow,Deny<br />
    Allow from apache.org<br />
    Deny from foo.apache.org<br />
</example>

    <p>On the other hand, if the <code>Order</code> in the last
    example is changed to <code>Deny,Allow</code>, all hosts will
    be allowed access. This happens because, regardless of the
    actual ordering of the directives in the configuration file,
    the <code>Allow from apache.org</code> will be evaluated last
    and will override the <code>Deny from foo.apache.org</code>.
    All hosts not in the <code>apache.org</code> domain will also
    be allowed access because the default state will change to
    <em>allow</em>.</p>

    <p>The presence of an <code>Order</code> directive can affect
    access to a part of the server even in the absence of accompanying
    <directive module="mod_access">Allow</directive> and <directive
    module="mod_access">Deny</directive> directives because of its effect
    on the default access state. For example,</p>

<example>
    &lt;Directory /www&gt;<br />
    &nbsp;&nbsp;Order Allow,Deny<br />
    &lt;/Directory&gt;
</example>

    <p>will deny all access to the <code>/www</code> directory
    because the default access state will be set to
    <em>deny</em>.</p>
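
    <p>The following Python model is an added example, not part of the
    Apache documentation or of mod_access.c. It reproduces the host
    formats and the ordering rules described above so that a rule set can
    be checked before deployment; the function names and the client
    addresses are illustrative, and the caller is assumed to pass in the
    hostname already obtained from the reverse DNS lookup.</p>

```python
import ipaddress


def as_network(spec):
    """Parse the IP forms of a host argument; None means 'treat as a domain name'."""
    octets = [p for p in spec.split(".") if p]
    if ("/" not in spec and ":" not in spec and len(octets) in (1, 2, 3)
            and all(p.isdigit() for p in octets)):
        # Partial IP address: "10.1" covers every address that starts with 10.1.
        spec = ".".join(octets + ["0"] * (4 - len(octets))) + "/%d" % (8 * len(octets))
    try:
        # Accepts a full address, network/netmask and network/nnn (IPv4 or IPv6).
        return ipaddress.ip_network(spec, strict=False)
    except ValueError:
        return None


def host_matches(spec, ip, hostname=None, env=()):
    """True if one Allow/Deny argument matches the client.

    hostname is the name the reverse lookup returned (assumption of this
    model: the caller did the lookup); env is the set of variables that exist.
    """
    if spec == "all":
        return True
    if spec.startswith("env="):
        return spec[4:] in env              # only existence of the variable matters
    net = as_network(spec)
    if net is not None:
        return ipaddress.ip_address(ip) in net
    if hostname is None:
        return False                        # no name available, so no domain match
    name, want = hostname.lower(), spec.lower()
    # Whole components only: foo.apache.org matches, fooapache.org does not.
    return name == want or name.endswith("." + want)


def access_allowed(order, allow, deny, ip, hostname=None, env=()):
    """Apply Order to the Allow and Deny lists; every statement is evaluated."""
    allowed = any(host_matches(s, ip, hostname, env) for s in allow)
    denied = any(host_matches(s, ip, hostname, env) for s in deny)
    key = order.lower()
    if key == "deny,allow":
        # Default is allow; Allow is evaluated last and overrides Deny.
        return allowed or not denied
    if key in ("allow,deny", "mutual-failure"):
        # Default is deny; Deny is evaluated last and overrides Allow.
        return allowed and not denied
    # "Deny, Allow" with whitespace ends up here, as the page requires.
    raise ValueError("unknown ordering: %r" % order)


if __name__ == "__main__":
    # Constructed clients using a documentation address, not values from the page.
    for name in ("www.apache.org", "bar.foo.apache.org", "example.net"):
        for order in ("Allow,Deny", "Deny,Allow"):
            ok = access_allowed(order, ["apache.org"], ["foo.apache.org"],
                                "192.0.2.10", name)
            print(order, name, "allowed" if ok else "denied")
```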

    <p>The <directive>Order</directive> directive controls the order of access
    directive processing only within each phase of the server's
    configuration processing. This implies, for example, that an
    <directive module="mod_access">Allow</directive> or <directive
    module="mod_access">Deny</directive> directive occurring in a
    <directive module="core" type="section">Location</directive> section will
    always be evaluated after an <directive
    module="mod_access">Allow</directive> or <directive
    module="mod_access">Deny</directive> directive occurring in a
    <directive module="core" type="section">Directory</directive> section or
    <code>.htaccess</code> file, regardless of the setting of the
    <directive>Order</directive> directive. For details on the merging
    of configuration sections, see the documentation on <a
    href="/sections.html">How Directory, Location and Files sections
    work</a>.</p>
</usage>

</directivesynopsis>

</modulesynopsis>