Re: order directive confusion

[Martchukov Anton <vhlist () yandex ru>]

On Thu, 04 Sep 2003 02:22:52 +0000
"SB CH" <chulmin2 () hotmail com> wrote:

> When I use order directive at apache(httpd.conf),
> proftpd(proftpd.conf), some confusion.

I also had a lot of trouble with this in Apache. However, I can't
comment for proftpd, but it is possibly the same.

> When I set like this, I can connect to the directory.
> <Limit GET>
>   Order deny,allow
>    allow from all
>    deny from all
> </Limit>

I belive "Order deny,allow" means that if a host satisfies both
directives allow and deny, than access will be allowed for such a host.

> But I can't connect to the directory below set.
>
> <Limit GET>
>   Order allow,deny
>    allow from all
>    deny from all
> </Limit>

And otherwise. "Order allow,deny" disables access for a host matching
both directives. As in your example.
 
> the manual says like this.
> How an I understand the correct meaning of the order directive?

I was also unclear with the manual, so correct me, if I'm wrong.

Hope this helps.

-- 
Martchukov Anton aka VH ========================================      
---------------------------------------------------------------- 
E-mail: vhlist () yandex ru    
ICQ: 155279978                     Registered Linux User #323324
================================================================

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------