W3-Video WEB Tutorials

w3-video.com is a Free eLearning Website with over 500 video tutorials on HTML5, XAMPP, .htaccess, Firefox, Notepad++

.htaccess Tutorial

Home HTML5 XAMPP .htaccess Firefox Notepad++


4. AllowOverride directive and .htaccess, Tutorial


Share it

The AllowOverride directive

The AllowOverride directive specifies the allowed content (directives) of an .htaccess file.

Syntax

1AllowOverride All | None | groupings of directives
  • All = any directive listed below is allowed in .htaccess
    None = the .htaccess file is completely ignored
    groupings of directives = only the directives under that specific grouping are allowed in the .htaccess file


AllowOverride groupings of directives

Below 5 groupings of directives, each containing specific directives and their corresponding module:



  1. AuthConfig
  1. FileInfo
  1. Indexes
  1. Limit
  1. Options

AllowOverride directive Examples

Deny all access to the server requires:

Allow Override All or the corresponding grouping of directives (httpd.conf)
1

2
AllowOverride All
or
AllowOverride Limit
mod_authz_host module loaded (httpd.conf)
1LoadModule authz_host_module modules/mod_authz_host.so
valid directives in the .htaccess file
1

2
3
Deny from all
or
Order Allow,Deny
Deny from all

Set index page requires:

Allow Override All or the corresponding grouping of directives (httpd.conf)
1

2
AllowOverride All
or
AllowOverride Indexes
mod_dir module loaded (httpd.conf)
1LoadModule dir_module modules/mod_dir.so
valid directive in the .htaccess file
1DirectoryIndex index.php index.html x.txt

Deny access (403) to IE users (SetEnvIf User-Agent), requires:

Allow Override All or the corresponding grouping of directives (httpd.conf)
1

2
AllowOverride All
or
AllowOverride Limit FileInfo
mod_setenvif and mod_authz_host modules loaded (httpd.conf)
1
2
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule setenvif_module modules/mod_setenvif.so
valid directives in the .htaccess file
1
2
SetEnvIf User-Agent ".*Trident.*$" noIE
Deny from env=noIE

Video demonstration AllowOverride directive and .htaccess

AllowOverride directive, Tutorial

min video details
00:00 AllowOverride directive, .htaccess Tutorial /Apache v2.2
00:12 AllowOverride controls what directives may be placed in .htaccess files.
00:17 AllowOverride is located within the httpd.conf file
00:19 In a shared hosting you won't be having accessto the httpd.conf file, so in case a valid directive does not work in .htaccess it's probably because it can't be overriden through .htaccess.
00:26 There are other reasons why directives don't work in .htaccess, see the conditions that must be met, here
00:30 If the AllowOverride is the problem, you may ask your hosting company to allow the override of the directive through .htaccess.
00:34 AllowOverride Syntax
00:37 AllowOverride All
00:42 All = any directive listed below (Order,Allow,Deny including) is allowed in .htaccess
01:00 denying everyone's access to the server
01:06 htaccess directives honored; server access denied
01:12 AllowOverride None
01:15 None= the .htaccess file is completely ignored
01:24 restarting the server because httpd.conf file modified
01:35 htaccess ignored; Order, Allow, Deny not honored; server access allowed
01:39 AllowOverride groupings of directives
01:41 groupings of directives = only the directives under that specific grouping are allowed in .htaccess
01:49 Order, Allow, Deny directives listed under Limit grouping of directives :

AllowOverride All
or AllowOverride Limit
02:05 directives work; server access denied
02:09 Incorrect example:
AllowOverride Options instead of Limit → server error
02:30 If you want to use the Deny directive together with the SetEnvIf directive in htaccess, then AllowOverride All or AllowOverride Limit FileInfo
02:38 groupings of directives space separated
02:44 server access denied to all User Agents containing the word "Trident" (IE users)
03:06 Firefox browser: server access allowed
03:23 IE11 browser: server access denied

For more information about the htaccess file, please see the spec: apache.org