docs/manual/location.html - httpd - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <HTML>
 <HEAD>
 <TITLE>Access Control by URL</TITLE>
 </HEAD>

 <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
 <BODY
  BGCOLOR="#FFFFFF"
  TEXT="#000000"
  LINK="#0000FF"
  VLINK="#000080"
  ALINK="#FF0000"
 >
 <!--#include virtual="header.html" -->
 <H1 ALIGN="CENTER">Access Control by URL</H1>

 <H2><A NAME="location">The <CODE>&lt;Location&gt;</CODE> Directive</A></H2>

 <A
  HREF="mod/directive-dict.html#Syntax"
  REL="Help"
 ><STRONG>Syntax:</STRONG></A> &lt;Location <EM>URL prefix</EM>&gt;<BR>
 <A
  HREF="mod/directive-dict.html#Context"
  REL="Help"
 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
 <A
  HREF="mod/directive-dict.html#Status"
  REL="Help"
 ><STRONG>Status:</STRONG></A> core<BR>

 <P>The &lt;Location&gt; directive provides for access control by
 URL. It is comparable to the <A
 HREF="mod/core.html#directory">&lt;Directory&gt;</A> directive, and
 should be matched with a &lt;/Location&gt; directive. Directives that
 apply to the URL given should be listen
 within. <CODE>&lt;Location&gt;</CODE> sections are processed in the
 order they appear in the configuration file, after the
 &lt;Directory&gt; sections and <CODE>.htaccess</CODE> files are
 read.</P>

 <P>Note that, due to the way HTTP functions, <EM>URL prefix</EM>
 should, save for proxy requests, be of the form <CODE>/path/</CODE>,
 and should not include the <CODE>http://servername</CODE>. It doesn't
 necessarily have to protect a directory (it can be an individual
 file, or a number of files), and can include wild-cards.  In a wild-card
 string, `?' matches any single character, and `*' matches any
 sequences of characters.

 <P>This functionality is especially useful when combined with the
 <CODE><A HREF="mod/mod_mime.html#sethandler">SetHandler</A></CODE>
 directive. For example, to enable status requests, but allow them only
 from browsers at foo.com, you might use:

 <PRE>
     &lt;Location /status&gt;
     SetHandler server-status
     order deny,allow
     deny from all
     allow from .foo.com
     &lt;/Location&gt;
 </PRE>

 <!--#include virtual="footer.html" -->
 </BODY>
 </HTML>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
	<HTML>
	<HEAD>
	<TITLE>Access Control by URL</TITLE>
	</HEAD>

	<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
	<BODY
	BGCOLOR="#FFFFFF"
	TEXT="#000000"
	LINK="#0000FF"
	VLINK="#000080"
	ALINK="#FF0000"
	>
	<!--#include virtual="header.html" -->
	<H1 ALIGN="CENTER">Access Control by URL</H1>

	<H2><A NAME="location">The <CODE><Location></CODE> Directive</A></H2>

	<A
	HREF="mod/directive-dict.html#Syntax"
	REL="Help"
	><STRONG>Syntax:</STRONG></A> <Location <EM>URL prefix</EM>><BR>
	<A
	HREF="mod/directive-dict.html#Context"
	REL="Help"
	><STRONG>Context:</STRONG></A> server config, virtual host<BR>
	<A
	HREF="mod/directive-dict.html#Status"
	REL="Help"
	><STRONG>Status:</STRONG></A> core<BR>

	<P>The <Location> directive provides for access control by
	URL. It is comparable to the <A
	HREF="mod/core.html#directory"><Directory></A> directive, and
	should be matched with a </Location> directive. Directives that
	apply to the URL given should be listen
	within. <CODE><Location></CODE> sections are processed in the
	order they appear in the configuration file, after the
	<Directory> sections and <CODE>.htaccess</CODE> files are
	read.</P>

	<P>Note that, due to the way HTTP functions, <EM>URL prefix</EM>
	should, save for proxy requests, be of the form <CODE>/path/</CODE>,
	and should not include the <CODE>http://servername</CODE>. It doesn't
	necessarily have to protect a directory (it can be an individual
	file, or a number of files), and can include wild-cards. In a wild-card
	string, `?' matches any single character, and `*' matches any
	sequences of characters.

	<P>This functionality is especially useful when combined with the
	<CODE><A HREF="mod/mod_mime.html#sethandler">SetHandler</A></CODE>
	directive. For example, to enable status requests, but allow them only
	from browsers at foo.com, you might use:

	<PRE>
	<Location /status>
	SetHandler server-status
	order deny,allow
	deny from all
	allow from .foo.com
	</Location>
	</PRE>

	<!--#include virtual="footer.html" -->
	</BODY>
	</HTML>