2.3.43 Deny
Deny restricts the clients who can access the web server.
Description
Deny restricts the clients who can access the web server. For host, you can specify the domain name, IP address, subnet, or netmask of the host for which access to the web server is to be prohibited. To prohibit access from all hosts to the web server, specify all.
In addition, for host, you can also specify the domain name related to an IPv6 address, address, or prefix length. If you specify IPv6_address, do not enclose the IPv6 address in square brackets ([ ]). Specify prefix_length by using the IPv6_address/prefix_length format. For prefix_length, specify a decimal number.
If you specify env=environment_variable, you can restrict access to the web server by using the environment variable. If you specify this directive with the BrowserMatch, BrowserMatchNoCase, SetEnvIf, or SetEnvIfNoCase directive, you can restrict access based on the HTTP request header field.
You can specify the Order directive to set the order in which the Allow directive (which permits access) and the Deny directive (which restricts access) are evaluated.
|
host |
Description |
|---|---|
|
domain_name |
Prohibits access from the host specified by the domain name. |
|
IP_address |
Prohibits access from the host specified by the IP address. |
|
subnet |
Prohibits access from the host specified by the subnet (first 3 bytes of the IP address). |
|
netmask |
Prohibits access from the host specified by using the netmask notation (example: 10.1.0.0/255.255.0.0). The netmask specified by using the 10.1.0.0/16 format is the same as 10.1.0.0/255.255.0.0. |
Syntax
Deny from {host|all|env=environment_variable} [{host|env=environment_variable} ...]
Locations where it can be written
<Directory> and .htaccess
Overwrite permission
Limit level