Order

Befehl: Order

Syntax: Order allow,deny|deny,allow

Default: allow,deny

Beschreibung:

The Order directive configures the order in which Allow and Deny directives are checked inside of a <Limit> block. Because Allow directives are permissive, and Deny directives restrictive, the order in which they are examined cans ignificantly alter the way security functions.
If the default setting of allow,deny is used, "allowed" access permissions are checked first. If an Allow directive explicitly allows access to the <Limit> context, access is granted and any Deny directives are never checked.
If Allow did not explicitly permit access, Deny directives are checked. If any Deny directive applies, access is explicitlyd enied. Otherwise, access is granted.

When deny,allow is used, "deny" access restrictions are checked first. If any restriction applies, access is denied immediately. If nothing is denied, Allow permissions are checked. If an Allow explicitly permits access, access to the entire context is permitted; otherwise access is implicitly denied. For clarification, the following illustrates the steps used when checking

Allow/Deny access:
Order allow,deny
Check Allow directives. If one or more apply, exit with result: ALLOW
Check Deny directives. If one or more apply, exit with result: DENY
Exit with default implicit ALLOW

Order deny,allow
Check Deny directives. If one or more apply, exit with result: DENY
Check Allow directives. If one or more apply, exit with result: ALLOW
Exit with default implicit: DENY