docs/manual/location.html - httpd - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <HTML>
 <HEAD>
 <TITLE>Access Control by URL</TITLE>
 </HEAD>

 <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
 <BODY
  BGCOLOR="#FFFFFF"
  TEXT="#000000"
  LINK="#0000FF"
  VLINK="#000080"
  ALINK="#FF0000"
 >
 <!--#include virtual="header.html" -->
 <H1 ALIGN="CENTER">Access Control by URL</H1>

 <h2><a name="location">The <code>&lt;Location&gt;</code> Directive</a></h2>

 <strong>Syntax:</strong> &lt;Location <em>URL prefix</em>&gt;<br>
 <strong>Context:</strong> server config, virtual host<br>
 <strong>Status:</strong> core<br>

 <p>The &lt;Location&gt; directive provides for access control by
 URL. It is comparable to the <a
 href="mod/core.html#directory">&lt;Directory&gt;</a> directive, and
 should be matched with a &lt;/Location&gt; directive. Directives that
 apply to the URL given should be listen
 within. <code>&lt;Location&gt;</code> sections are processed in the
 order they appear in the configuration file, after the
 &lt;Directory&gt; sections and <code>.htaccess</code> files are
 read.</p>

 <p>Note that, due to the way HTTP functions, <em>URL prefix</em>
 should, save for proxy requests, be of the form <code>/path/</code>,
 and should not include the <code>http://servername</code>. It doesn't
 necessarily have to protect a directory (it can be an individual
 file, or a number of files), and can include wild-cards.  In a wild-card
 string, `?' matches any single character, and `*' matches any
 sequences of characters.

 <p>This functionality is especially useful when combined with the
 <code><a href="mod/mod_mime.html#sethandler">SetHandler</a></code>
 directive. For example, to enable status requests, but allow them only
 from browsers at foo.com, you might use:

 <pre>
     &lt;Location /status&gt;
     SetHandler server-status
     order deny,allow
     deny from all
     allow from .foo.com
     &lt;/Location&gt;
 </pre>

 <!--#include virtual="footer.html" -->
 </BODY>
 </HTML>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
	<HTML>
	<HEAD>
	<TITLE>Access Control by URL</TITLE>
	</HEAD>

	<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
	<BODY
	BGCOLOR="#FFFFFF"
	TEXT="#000000"
	LINK="#0000FF"
	VLINK="#000080"
	ALINK="#FF0000"
	>
	<!--#include virtual="header.html" -->
	<H1 ALIGN="CENTER">Access Control by URL</H1>

	<h2><a name="location">The <code><Location></code> Directive</a></h2>

	<strong>Syntax:</strong> <Location <em>URL prefix</em>><br>
	<strong>Context:</strong> server config, virtual host<br>
	<strong>Status:</strong> core<br>

	<p>The <Location> directive provides for access control by
	URL. It is comparable to the <a
	href="mod/core.html#directory"><Directory></a> directive, and
	should be matched with a </Location> directive. Directives that
	apply to the URL given should be listen
	within. <code><Location></code> sections are processed in the
	order they appear in the configuration file, after the
	<Directory> sections and <code>.htaccess</code> files are
	read.</p>

	<p>Note that, due to the way HTTP functions, <em>URL prefix</em>
	should, save for proxy requests, be of the form <code>/path/</code>,
	and should not include the <code>http://servername</code>. It doesn't
	necessarily have to protect a directory (it can be an individual
	file, or a number of files), and can include wild-cards. In a wild-card
	string, `?' matches any single character, and `*' matches any
	sequences of characters.

	<p>This functionality is especially useful when combined with the
	<code><a href="mod/mod_mime.html#sethandler">SetHandler</a></code>
	directive. For example, to enable status requests, but allow them only
	from browsers at foo.com, you might use:

	<pre>
	<Location /status>
	SetHandler server-status
	order deny,allow
	deny from all
	allow from .foo.com
	</Location>
	</pre>

	<!--#include virtual="footer.html" -->
	</BODY>
	</HTML>