DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25000>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25000 conflicting ORDER documentation [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From [EMAIL PROTECTED] 2003-11-26 06:53 ------- Believe it or not, these two descriptions are not conflicting. :) Given that, this is really a question for the user support list, but I'll go ahead and answer it here in case somebody else does a search for this sometime in the future: Let me try to rephrase the snippets you quoted.. maybe that will help. The second snippet says that the Order directive determines whether Denys or Allows are processed first. But more importantly, it also says that whichever one is processed last is the default. This means, for example, that if you specify "Order deny,allow", then any client that is *neither* explicitly denied nor explicitly allowed is allowed by default. If you use "Order allow,deny", then any client that is neither explicitly denied nor explicitly allowed is denied by default. The first snippet is saying that if you use "Order deny,allow" AND you leave out the "Deny" line altogether, then everybody will be allowed (both those explicitly Allowed and everybody else because allow would then be the default). However, if you have "Order deny,allow" and you "Deny from all", then the behavior for all clients is explicitly specified, and thus the "default to allow" behavior has no impact at all. And in that case, you need to use "Order deny,allow", so that your "Deny from all" can be overridden by explicit "Allow"'s. OR, you could use "Order allow,deny", as long as you do NOT "Deny from all". This would mean you explicitly allowed some clients, and everybody else is denied explicitly or by default. The reason you can't use "Deny from all" with "Order allow,deny" is that EVERYBODY would be denied, since the denies get processed last and override the allows. Does that help? Or just muddy it up further? :) If you have further questions, please refer them to the user support mailing list. See http://httpd.apache.org/userslist.html --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
