Home Original page

Override Class Index for .htaccess

Available Languages:  en  |  fr 

This is an index of the directives that are allowed in .htaccess files for various AllowOverride settings, organized by class. Its intended purpose is to help server administrators verify the privileges they're granting to .htaccess users. For an overview of how .htaccess works, see the .htaccess tutorial.

To determine the set of directives that your server configuration allows .htaccess users to use:

  1. Start with the set of directives in the AllowOverrideList for the directory in question. (By default, this is set to None.)
  2. Find the AllowOverride setting for the directory in question. (By default, it is set to None.) There are two special cases:
    1. If your AllowOverride setting is All, add every directive listed on this page to the list.
    2. If your AllowOverride setting is None, you're done. Only the directives in the AllowOverrideList (if any) will be allowed.
  3. For each override class listed in AllowOverride, look up the corresponding set of directives below and add them to the list.
  4. Finally, add the set of directives that is always allowed in .htaccess (these are listed in the All section, below).

Several of the override classes are quite powerful and give .htaccess users a large amount of control over the server. For a stricter approach, set AllowOverride None and use AllowOverrideList to specify the exact list of directives that .htaccess users are allowed to use.

top

top

top

top

top

Limit

The following directives are allowed in .htaccess files when AllowOverride Limit is in effect. This extremely narrow override type mostly allows the use of the legacy authorization directives provided by mod_access_compat.

Allowmod_access_compat
Controls which hosts can access an area of the server
Denymod_access_compat
Controls which hosts are denied access to the server
<Limit>core
Restrict enclosed access controls to only certain HTTP methods
<LimitExcept>core
Restrict access controls to all HTTP methods except the named ones
Ordermod_access_compat
Controls the default access state and the order in which Allow and Deny are evaluated.

top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our mailing lists.