<Directory /home/*/public_html>
    AllowOverride FileInfo AuthConfig Limit
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS PROPFIND>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>

You can control access to your server based on the HTTP method of the request using <Limit> and <LimitExcept> directives. This example, taken from the default Apache configuration file, shows how to allow read-only methods and deny requests for any other methods that can modify the content of the file system, such as PUT.

The <Directory> section identifies per-user directories that can contain web pages, as explained in Chapter 8. The next two lines restrict the configuration settings that can be changed by users and other security settings. The <Limit> section allows access by default to those HTTP methods that are read-only, such as GET and POST. The <LimitExcept> section does the opposite, denying access to any other method, without explicitly having to enumerate them. This is particularly useful in the context of allowing your users to administer their own content, as covered in Chapter 8.
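A configuration check for the point above, as an added example that is not from the original text or the Apache distribution: it flags <Directory> sections that restrict methods with <Limit> alone, which leaves every unlisted method unrestricted. The second sample block, its path and the function name audit_methods are constructed for illustration, and only the Order/Deny syntax shown on this page is recognized.

```python
import re

# Constructed sample: the method-related lines of the page's block, plus a
# hypothetical second block that uses <Limit> without a <LimitExcept>.
SAMPLE_CONF = """\
<Directory /home/*/public_html>
    <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS PROPFIND>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>
<Directory /srv/example/uploads>
    <Limit PUT DELETE>
        Order deny,allow
        Deny from all
    </Limit>
</Directory>
"""

SECTION = re.compile(r"<Directory\s+([^>]+)>(.*?)</Directory>", re.S | re.I)
BLOCK = re.compile(r"<(Limit|LimitExcept)\s+([^>]+)>(.*?)</\1>", re.S | re.I)
DENY_ALL = re.compile(r"^\s*Deny\s+from\s+all\s*$", re.M | re.I)

def audit_methods(conf_text):
    """Return {directory: finding} for each <Directory> section."""
    findings = {}
    for path, body in SECTION.findall(conf_text):
        listed, fallback_denied = set(), False
        for kind, methods, inner in BLOCK.findall(body):
            if kind.lower() == "limit":
                listed.update(methods.split())   # methods named explicitly
            elif DENY_ALL.search(inner):
                fallback_denied = True           # <LimitExcept> denies the rest
        if fallback_denied:
            finding = "unlisted methods denied"
        elif listed:
            finding = "unlisted methods unrestricted; only " + " ".join(sorted(listed)) + " covered"
        else:
            finding = "no method restrictions"
        findings[path.strip()] = finding
    return findings

if __name__ == "__main__":
    for path, finding in audit_methods(SAMPLE_CONF).items():
        print(path, "->", finding)
```

The check reads a single configuration text and does not follow Include directives or .htaccess files.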