Directory-Level Configuration Controls
The httpd.conf directive AccessFileName .htaccess enables the use of a directory-level configuration control file, and states that the name of the directory configuration file is .htaccess. If the server finds a file with this name in a directory, it applies the configuration commands defined in the file to the directory based on the AllowOverride directive that applies to the directory. The .htaccess file allows you to distribute control to the individuals who create and manage the individual data directories.
Conceptually, the .htaccess file is similar to a Directory container. In the same way that the directives in a Directory container apply to a specific directory, the directives in the .htaccess file apply only to the directory in which the file is found. The directives in the .htaccess file are potentially the same ones used in the httpd.conf file that defines the system-wide configuration. The AllowOverride directive has six keywords that set the level of configuration control granted to the .htaccess file:
None Allows no configuration overrides. In effect, None disables the .htaccess file.
All Permits the .htaccess file to override everything defined in the httpd.conf configuration files for which overrides are allowed. This is the same as specifying all of the four remaining keywords: AuthConfig, FileInfo, Indexes, and Limit.
AuthConfig Permits the .htaccess file to define user authentication directives. User authentication is covered later in this tutorial.
FileInfo Allows the file to use directives that control document types.
Indexes Permits .htaccess to configure fancy indexing.
Limit Allows the file to configure host-level access controls. Access controls are discussed in the next section.
In addition to these keyword values, individual commands can be permitted through AllowOverride. For example, to allow a directory to define its own file extension mapping, specify
AllowOverride AddType
The Options and AllowOverride directives control access to server features and configuration overrides, which can help keep information safe from corruption. Sometimes, however, you have information you want to keep safe from widespread distribution. Access controls limit the distribution of information.
In this tutorial:
- Apache Web Server
- Installing Apache
- Running httpd
- Configuring the Apache Server
- The httpd.conf File
- Loading Dynamic Shared Objects
- Basic Server Directives
- Multi-Homed Server Configuration
- Defining Where Things Are Stored
- Creating a Fancy Index
- Defining File Types
- Managing Child Processes
- Performance Tuning Directives
- Caching Directives
- Defining Virtual Hosts
- Web Server Security
- The CGI and SSI Threat
- Server Options for Documents and Directories
- Directory-Level Configuration Controls
- Defining Access Controls
- Requiring User Authentication
- High-Performance User Authentication
- Configuring SSL
- Managing Your Web Server
- Monitoring Your Server
- Apache Logging
- Defining Log Formats
- Using Conditional Logging