Apache Deny <Location> but allow to sub Location

13.9k Views Asked by mdizzy At 18 April 2025 at 10:30

I am using Apache2.2 as the front end to a tomcat server. I want to restrict access to a location however allow all access to a sub-location but am having some trouble.

What I currently have is:

<Location "/location/sub">  
    AllowOverride None  
    Order Allow,deny  
    Allow from All  
</Location>  

<Location "/location/">  
 AllowOverride None  
 Order Deny, Allow  
 Deny from All  
 Allow from 10.10.10.10   
</Location>

The second rule appears to be working but is overriding the first rule.

Does anyone know what I am doing wrong or suggest way to do it?

Thanks

Original Q&A

There are 2 best solutions below

mdizzy On 21 June 2016 at 00:22 BEST ANSWER

Looks like I have got it working. I moved the order of the rules as Dusan suggested but it still didn't work. However, removing the

AllowOverride None
Order Allow,deny

from the rule seems to have fixed it.

So now I have the following which is working :

<Location "/location/">  
 AllowOverride None  
 Order Deny, Allow  
 Deny from All  
 Allow from 10.10.10.10   
</Location>

<Location "/location/sub">  
    Allow from All  
</Location>

Dusan Bajic On 16 June 2016 at 07:20

<Location> directives are processed in the order that they appear in the configuration files, so your second rule takes precedence. Just change the order of the rules in .conf file.

Apache Deny <Location> but allow to sub Location

There are 2 best solutions below

Related Questions in APACHE

Related Questions in MOD-AUTHZ-HOST

Trending Questions

Popular # Hahtags

Popular Questions