Apache HTTP Server Version 2.4
Apache HTTP Server Version 2.4
Access control refers to any means of controlling access to any resource. This is separate from authentication and authorization.
Related Modules and Directives Access control by host Access control by arbitrary variables Access control with mod_rewrite More information
Access control can be done by several different modules. The most
important of these are mod_authz_core and
mod_authz_host. Also discussed in this document
is access control using mod_rewrite.
If you wish to restrict access to portions of your site based on the
host address of your visitors, this is most easily done using
mod_authz_host.
The Require
provides a variety of different ways to allow or deny access to
resources. In conjunction with the RequireAll, RequireAny, and RequireNone directives, these
requirements may be combined in arbitrarily complex ways, to enforce
whatever your access policy happens to be.
The Allow,
Deny, and
Order directives,
provided by mod_access_compat, are deprecated and
will go away in a future version. You should avoid using them, and
avoid outdated tutorials recommending their use.
The usage of these directives is:
Require host address Require ip ip.address
In the first form, address is a fully qualified domain name (or a partial domain name); you may provide multiple addresses or domain names, if desired.
In the second form, ip.address is an IP address, a partial IP address, a network/netmask pair, or a network/nnn CIDR specification. Either IPv4 or IPv6 addresses may be used.
See