Pokrewne
- Strona Główna
- McGraw.Hill,.Digital.Animation.Bible.Creating.Professional.Animation.with.3ds.Max.Lightwave.and.Maya.(2004).LiB
- [eBook] DirectX 3D Graphics Programming Bible
- Microsoft Office Excel 2003 Bible
- Microsoft Windows XP Bible
- Access 2002 Bible
- Redhat Linux 7.2 Bible
- rozdz14 (2)
- Quinnell A J Wiezy krwi
- Tolkien J.R.R Powrót króla
- zanotowane.pl
- doc.pisz.pl
- pdf.pisz.pl
- wywoz-sciekow.pev.pl
[ Pobierz całość w formacie PDF ]
.When more than onehost or IP address is specified, they should be separated with space characters.Table 7-1 shows the possible values for the directive.Syntax: Allow from host1 host2 host3.Context: Directory, location, per-directory access control file (.htaccess)Override: Limite4821-2 ch07.F 2/22/02 10:12 AM Page 191Chapter 7 &' Authenticating and Authorizing Web Site Visitors191Table 7-1Possible Values for the allow DirectiveValue Example DescriptionAll allow from all This reserved word allows access forall hosts.The example shows howto use this option.A FQDN of a host allow from wormhole.Only the host that has the specifiedmobidac.com domain name (FQDN) is allowedaccess.The allowdirective in theexample only allows access towormhole.mobidac.com.Notethat this compares wholecomponents; toys.comwould notmatch etoys.com.A partial domain allow from.mainoffice.Only the hosts that match thename of a host mobidac.com partial host name are allowedaccess.The example permits all thehosts in.mainoffice.mobidac.com network to access the site.Forexample, developer1.mainoffice.mobidac.com anddeveloper2.mainoffice.mobidac.comhave access to the site.However, developer3.baoffice.mobidac.comis not allowed access.A full IP address allow from 192.168.1.100 Only the specified IP address isof a host allowed access.The example showsthe full IP address (all four octets ofIP are present), 192.168.1.100that is allowed access.A partial IP address Example 1: When less than four octets of an IPallow from 192.168.1 address are present in the allowdirective, the partial IP address isExample 2: matched from left to right, andallow from 130.86 hosts that have the matching IPaddress pattern (that is, it is part ofthe same subnet) are allowedaccess.In the first example, all hostswith IP addresses in the range of192.168.1.1 to 192.168.1.255 haveaccess.In the second example, allhosts from the network are allowedaccess.Continuede4821-2 ch07.F 2/22/02 10:12 AM Page 192Part II &' Web Site Administration192Table 7-1 (continued)Value Example DescriptionA network/ allow from 192.168.1.0/ This enables you to specify a rangenetmask pair 255.255.255.0 of IP addresses using the networkand the netmask address.Theexample allows only the hosts withIP addresses in the range of192.168.1.1 to 192.168.1.255 tohave access.A network/nnn allow 206.171.50.0/24 Similar to the previous entry, exceptCIDR specification that the netmask consists of nnnhigh-order 1 bits.The example isequivalent to allowing access tohosts with IP addresses from206.171.50.0/255.255.255.deny directiveThis directive is the exact opposite of the allowdirective.It enables you to define alist of hosts that are denied access to a specified directory.Like the allowdirective,it can accept all the values shown in Table 7-1.Syntax:deny from host1 host2 host3 [.]Context: Directory, location, per-directory access control file (.htaccess)Override:Limitorder directiveThis directive controls how Apache evaluates both allowand denydirectives.Syntax:order deny, allow | allow, deny | mutual-failureDefault:order deny, allowContext: Directory, location, per-directory access control fileOverride:LimitFor example, the following directive denies the host myboss.mycompany.comaccess, while allowing all other hosts to access the directory.The value for theorderdirective is a comma-separated list, which indicates which directive takesprecedence:e4821-2 ch07.F 2/22/02 10:12 AM Page 193Chapter 7 &' Authenticating and Authorizing Web Site Visitors193order deny, allowdeny from myboss.mycompany.comallow from allTypically, the one that affects all hosts is given lowest priority.In the precedingexample, because the allowdirective affects all hosts, it is given the lower priority.Although allow, denyand deny, alloware the most widely used values for theorderdirective, you can use another value, mutual-failure, to indicate that onlythose hosts appearing on the allowlist but not on the denylist are granted access.In all cases, every allowand denydirective is evaluated.allow from env=variable directiveThis directive, a variation of the allowdirective, allows access when the namedenvironment variable is set.Syntax:allow from env=variableContext: Directory, location, per-directory access control file (.htaccess)Override:LimitThis is only useful if you are using other directives such as BrowserMatchto set anenvironment variable.For example, say you want to allow Microsoft InternetExplorer 6, the latest version of Internet Explorer, to access a directory where youstored some HTML files with embedded VBScript.Because the other leading Webbrowser, Netscape Navigator, does not support VBScript directly, you d rather nothave Navigator users go into the directory.In such a case, you can use theBrowserMatchdirective to set an environment variable when Internet Explorer 5.5is detected.The directive would be:BrowserMatch MSIE 5.5 ms_browserNow you can use a container to specify the allowdirective, as follows:order deny,allowdeny from allallow from env=ms_browserHere the Apache server will set the ms_browserenvironment variable for allbrowsers that provide the MSIE 6 string as part of the user-agent identifier.The allowdirective will allow access only to browsers for which the ms_browservariable is set.e4821-2 ch07.F 2/22/02 10:12 AM Page 194Part II &' Web Site Administration194deny from env=variableThis directive, a variation of the denydirective, denies access capability for allhosts for which the specified environment is set.Syntax:deny from env=variableContext: Directory, location, per-directory access control file (.htaccess)Override: LimitFor example, if you want to deny all hosts using Microsoft Internet Explorer access,you can use the BrowserMatchdirective to set a variable called ms_browserwhen-ever a browser identified itself to the server with the string MSIE.BrowserMatch MSIE ms_browserNow you can use a container to specify the denydirective, as follows:order deny,allowallow from alldeny from env=ms_browserIf you are interested in blocking access to a specific HTTP request method, such asGET, POST, or PUT, you can use the container to do so.For example:order deny,allowdeny from allallow from yourdomain.comThis example allows POSTrequests to the cgi-bindirectory only if hosts in theyourdomain.comdomain make the request.In other words, if this site has someHTML forms that send user input data via the HTTP POSTmethod, only the users inyourdomain.comwill be able to use these forms effectively [ Pobierz całość w formacie PDF ]
zanotowane.pl doc.pisz.pl pdf.pisz.pl agnieszka90.opx.pl
.When more than onehost or IP address is specified, they should be separated with space characters.Table 7-1 shows the possible values for the directive.Syntax: Allow from host1 host2 host3.Context: Directory, location, per-directory access control file (.htaccess)Override: Limite4821-2 ch07.F 2/22/02 10:12 AM Page 191Chapter 7 &' Authenticating and Authorizing Web Site Visitors191Table 7-1Possible Values for the allow DirectiveValue Example DescriptionAll allow from all This reserved word allows access forall hosts.The example shows howto use this option.A FQDN of a host allow from wormhole.Only the host that has the specifiedmobidac.com domain name (FQDN) is allowedaccess.The allowdirective in theexample only allows access towormhole.mobidac.com.Notethat this compares wholecomponents; toys.comwould notmatch etoys.com.A partial domain allow from.mainoffice.Only the hosts that match thename of a host mobidac.com partial host name are allowedaccess.The example permits all thehosts in.mainoffice.mobidac.com network to access the site.Forexample, developer1.mainoffice.mobidac.com anddeveloper2.mainoffice.mobidac.comhave access to the site.However, developer3.baoffice.mobidac.comis not allowed access.A full IP address allow from 192.168.1.100 Only the specified IP address isof a host allowed access.The example showsthe full IP address (all four octets ofIP are present), 192.168.1.100that is allowed access.A partial IP address Example 1: When less than four octets of an IPallow from 192.168.1 address are present in the allowdirective, the partial IP address isExample 2: matched from left to right, andallow from 130.86 hosts that have the matching IPaddress pattern (that is, it is part ofthe same subnet) are allowedaccess.In the first example, all hostswith IP addresses in the range of192.168.1.1 to 192.168.1.255 haveaccess.In the second example, allhosts from the network are allowedaccess.Continuede4821-2 ch07.F 2/22/02 10:12 AM Page 192Part II &' Web Site Administration192Table 7-1 (continued)Value Example DescriptionA network/ allow from 192.168.1.0/ This enables you to specify a rangenetmask pair 255.255.255.0 of IP addresses using the networkand the netmask address.Theexample allows only the hosts withIP addresses in the range of192.168.1.1 to 192.168.1.255 tohave access.A network/nnn allow 206.171.50.0/24 Similar to the previous entry, exceptCIDR specification that the netmask consists of nnnhigh-order 1 bits.The example isequivalent to allowing access tohosts with IP addresses from206.171.50.0/255.255.255.deny directiveThis directive is the exact opposite of the allowdirective.It enables you to define alist of hosts that are denied access to a specified directory.Like the allowdirective,it can accept all the values shown in Table 7-1.Syntax:deny from host1 host2 host3 [.]Context: Directory, location, per-directory access control file (.htaccess)Override:Limitorder directiveThis directive controls how Apache evaluates both allowand denydirectives.Syntax:order deny, allow | allow, deny | mutual-failureDefault:order deny, allowContext: Directory, location, per-directory access control fileOverride:LimitFor example, the following directive denies the host myboss.mycompany.comaccess, while allowing all other hosts to access the directory.The value for theorderdirective is a comma-separated list, which indicates which directive takesprecedence:e4821-2 ch07.F 2/22/02 10:12 AM Page 193Chapter 7 &' Authenticating and Authorizing Web Site Visitors193order deny, allowdeny from myboss.mycompany.comallow from allTypically, the one that affects all hosts is given lowest priority.In the precedingexample, because the allowdirective affects all hosts, it is given the lower priority.Although allow, denyand deny, alloware the most widely used values for theorderdirective, you can use another value, mutual-failure, to indicate that onlythose hosts appearing on the allowlist but not on the denylist are granted access.In all cases, every allowand denydirective is evaluated.allow from env=variable directiveThis directive, a variation of the allowdirective, allows access when the namedenvironment variable is set.Syntax:allow from env=variableContext: Directory, location, per-directory access control file (.htaccess)Override:LimitThis is only useful if you are using other directives such as BrowserMatchto set anenvironment variable.For example, say you want to allow Microsoft InternetExplorer 6, the latest version of Internet Explorer, to access a directory where youstored some HTML files with embedded VBScript.Because the other leading Webbrowser, Netscape Navigator, does not support VBScript directly, you d rather nothave Navigator users go into the directory.In such a case, you can use theBrowserMatchdirective to set an environment variable when Internet Explorer 5.5is detected.The directive would be:BrowserMatch MSIE 5.5 ms_browserNow you can use a container to specify the allowdirective, as follows:order deny,allowdeny from allallow from env=ms_browserHere the Apache server will set the ms_browserenvironment variable for allbrowsers that provide the MSIE 6 string as part of the user-agent identifier.The allowdirective will allow access only to browsers for which the ms_browservariable is set.e4821-2 ch07.F 2/22/02 10:12 AM Page 194Part II &' Web Site Administration194deny from env=variableThis directive, a variation of the denydirective, denies access capability for allhosts for which the specified environment is set.Syntax:deny from env=variableContext: Directory, location, per-directory access control file (.htaccess)Override: LimitFor example, if you want to deny all hosts using Microsoft Internet Explorer access,you can use the BrowserMatchdirective to set a variable called ms_browserwhen-ever a browser identified itself to the server with the string MSIE.BrowserMatch MSIE ms_browserNow you can use a container to specify the denydirective, as follows:order deny,allowallow from alldeny from env=ms_browserIf you are interested in blocking access to a specific HTTP request method, such asGET, POST, or PUT, you can use the container to do so.For example:order deny,allowdeny from allallow from yourdomain.comThis example allows POSTrequests to the cgi-bindirectory only if hosts in theyourdomain.comdomain make the request.In other words, if this site has someHTML forms that send user input data via the HTTP POSTmethod, only the users inyourdomain.comwill be able to use these forms effectively [ Pobierz całość w formacie PDF ]