匿贿と浩弹瓢

+Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2

匿贿と浩弹瓢

Available Languages: de | en | Index: docs/manual/invoking.html.ko.euc-kr =================================================================== --- docs/manual/invoking.html.ko.euc-kr (.../tags/2.2.0) (wersja 358411) +++ docs/manual/invoking.html.ko.euc-kr (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2

酒颇摹矫累

+Apache > HTTP Server > Documentation > Version 2.2

酒颇摹矫累

啊瓷茄攫绢: de | en | Index: docs/manual/developer/documenting.html.en =================================================================== --- docs/manual/developer/documenting.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/documenting.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Documenting Apache 2.0

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Documenting Apache 2.0

Available Languages: en

Index: docs/manual/developer/modules.html.ja.euc-jp =================================================================== --- docs/manual/developer/modules.html.ja.euc-jp (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/modules.html.ja.euc-jp (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > Developer Documentation

モジュ〖ルの Apache 1.3 から Apache 2.0 への败竣

+Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > Developer Documentation

モジュ〖ルの Apache 1.3 から Apache 2.0 への败竣

Available Languages: en | ja

Index: docs/manual/developer/debugging.html.en =================================================================== --- docs/manual/developer/debugging.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/debugging.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Debugging Memory Allocation in APR

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Debugging Memory Allocation in APR

Available Languages: en

Index: docs/manual/developer/modules.html.en =================================================================== --- docs/manual/developer/modules.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/modules.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Converting Modules from Apache 1.3 to Apache 2.0

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Converting Modules from Apache 1.3 to Apache 2.0

Available Languages: en | ja

Index: docs/manual/developer/filters.html.en =================================================================== --- docs/manual/developer/filters.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/filters.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

How filters work in Apache 2.0

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

How filters work in Apache 2.0

Available Languages: en

Index: docs/manual/developer/API.html.en =================================================================== --- docs/manual/developer/API.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/API.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 1.3 API notes

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 1.3 API notes

Available Languages: en

Index: docs/manual/developer/thread_safety.html.en =================================================================== --- docs/manual/developer/thread_safety.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/thread_safety.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 2.0 Thread Safety Issues

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 2.0 Thread Safety Issues

Available Languages: en

Index: docs/manual/developer/hooks.html.en =================================================================== --- docs/manual/developer/hooks.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/hooks.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 2.0 Hook Functions

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Apache 2.0 Hook Functions

Available Languages: en

Index: docs/manual/developer/request.html.en =================================================================== --- docs/manual/developer/request.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/request.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Request Processing in Apache 2.0

+Apache > HTTP Server > Documentation > Version 2.2 > Developer Documentation

Request Processing in Apache 2.0

Available Languages: en

Index: docs/manual/developer/index.html.en =================================================================== --- docs/manual/developer/index.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/developer/index.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2

Developer Documentation for Apache 2.0

+Apache > HTTP Server > Documentation > Version 2.2

Developer Documentation for Apache 2.0

Available Languages: en

Index: docs/manual/upgrading.xml.ko =================================================================== --- docs/manual/upgrading.xml.ko (.../tags/2.2.0) (wersja 358411) +++ docs/manual/upgrading.xml.ko (.../branches/2.2.x) (wersja 358411) @@ -1,7 +1,7 @@ - + + +Access Control - Apache HTTP Server + + + + + +

+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials

Access Control

Available Languages: en

+ +

Access control refers to any means of controlling access to any + resource. This is separate from authentication and authorization.

Related Modules and Directives
Access control by host
Access control by environment variable
Access control with mod_rewrite
More information

Related Modules and Directives

+ +

Access control can be done by several different modules. The most +important of these is mod_authz_host. Other modules +discussed in this document include mod_setenvif and +mod_rewrite.

+ +

Access control by host

+ If you wish to restrict access to portions of your site based on the + host address of your visitors, this is most easily done using + mod_authz_host. +

+ +

The Allow and + Deny directives let + you allow and deny access based on the host name, or host + address, of the machine requesting a document. The + Order directive goes + hand-in-hand with these two, and tells Apache in which order to + apply the filters.

+ +

The usage of these directives is:

+ +

+ Allow from address +

+ +

where address is an IP address (or a partial IP + address) or a fully qualified domain name (or a partial domain + name); you may provide multiple addresses or domain names, if + desired.

+ +

For example, if you have someone spamming your message + board, and you want to keep them out, you could do the + following:

+ +

+ Deny from 205.252.46.165 +

+ +

Visitors coming from that address will not be able to see + the content covered by this directive. If, instead, you have a + machine name, rather than an IP address, you can use that.

+ +

+ Deny from host.example.com +

+ +

And, if you'd like to block access from an entire domain, + you can specify just part of an address or domain name:

+ +

+ Deny from 192.101.205 + Deny from cyberthugs.com moreidiots.com + Deny from ke +

+ +

Using Order will let you + be sure that you are actually restricting things to the group that you want + to let in, by combining a Deny and an Allow directive:

+ +

+ Order deny,allow + Deny from all + Allow from dev.example.com +

+ +

Listing just the Allow + directive would not do what you want, because it will let folks from that + host in, in addition to letting everyone in. What you want is to let + only those folks in.

Access control by environment variable

+ +

+ mod_authz_host, in conjunction with + mod_setenvif, can be used to restrict access to + your website based on the value of arbitrary environment variables. + This is done with the Allow from env= and Deny + from env= syntax. +

+ +

+ SetEnvIf User-Agent BadBot GoAway=1 + Order allow,deny + Allow from all + Deny from env=GoAway +

+ +

Warning:

Access control by User-Agent is an unreliable technique, + since the User-Agent header can be set to anything at all, + at the whim of the end user.

+ +

+ In the above example, the environment variable GoAway + is set to 1 if the User-Agent matches the + string BadBot. Then we deny access for any request when + this variable is set. This blocks that particular user agent from + the site. +

+ +

An environment variable test can be negated using the =! + syntax:

+ +

+ Allow from env=!GoAway +

+ +

Access control with mod_rewrite

+ +

The [F] RewriteRule flag causes a 403 Forbidden +response to be sent. Using this, you can deny access to a resource based +on arbitrary criteria.

+ +

For example, if you wish to block access to a resource between 8pm +and 6am, you can do this using mod_rewrite.

+ +

+RewriteEngine On +RewriteCond %{TIME_HOUR} > 20 [OR] +RewriteCond %{TIME_HOUR} < 07 +RewriteRule ^/fridge - [F] +

+ +

This will return a 403 Forbidden response for any request after 8pm +or before 7am. This technique can be used for any criteria that you wish +to check. You can also redirect, or otherwise rewrite these requests, if +that approach is preferred.

+ +

More information

You should also read the documentation for + mod_auth_basic and mod_authz_host which + contain some more information about how this all works. + mod_authn_alias can also help in simplifying certain + authentication configurations.

+ +

See the Authentication and Authorization + howto.

Available Languages: en

+ \ No newline at end of file Zmiany atrybut贸w dla: docs/manual/howto/access.html.en ___________________________________________________________________ Nazwa: svn:eol-style + native Index: docs/manual/howto/auth.html.en =================================================================== --- docs/manual/howto/auth.html.en (.../tags/2.2.0) (wersja 358411) +++ docs/manual/howto/auth.html.en (.../branches/2.2.x) (wersja 358411) @@ -16,7 +16,7 @@

-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials

Authentication, Authorization and Access Control

+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials

Authentication, Authorization and Access Control

Available Languages: en | ja | @@ -35,8 +35,7 @@

Letting more than one person in

Possible problems

What other neat stuff can I -do?

Alternate password storage

More information

@@ -90,6 +89,9 @@ of the request, but is not part of the authentication provider system.

You probably also want to take a look at the Access Control howto, which discusses the + various ways to control access to your server.

Introduction

@@ -100,6 +102,11 @@

This article covers the "standard" way of protecting parts of your web site that most of you are going to use.

+ +

Note:

If your data really needs to be secure, consider using + mod_ssl in addition to any authentication.

The Prerequisites

@@ -137,7 +144,12 @@

Here's the basics of password protecting a directory on your server.

You'll need to create a password file. This file should be +

First, you need to create a password file. Exactly how you do + this will vary depending on what authentication provider you have + chosen. More on that later. To start with, we'll use a text password + file.

+ +

This file should be placed somewhere not accessible from the web. This is so that folks cannot download the password file. For example, if your documents are served out of /usr/local/apache/htdocs you @@ -146,7 +158,10 @@

To create the file, use the htpasswd utility that came with Apache. This will be located in the bin directory - of wherever you installed Apache. To create the file, type:

+ of wherever you installed Apache. If you have installed Apache from + a third-party package, it may be in your execution path.

+ +

To create the file, type:

htpasswd -c /usr/local/apache/passwd/passwords rbowen @@ -164,8 +179,8 @@

If htpasswd is not in your path, of course you'll have to type the full path to the file to get it to run. - On my server, it's located at - /usr/local/apache/bin/htpasswd


+    With a default installation, it's located at
+    /usr/local/apache2/bin/htpasswd
 
     Next, you'll need to configure the server to request a
     password and tell the server which users are allowed access.
@@ -181,6 +196,8 @@
     

       AuthType Basic

       AuthName "Restricted Files"

+      # (Following line optional)

+      AuthBasicProvider file

       AuthUserFile /usr/local/apache/passwd/passwords

       Require user rbowen
     
@@ -191,9 +208,10 @@
     implemented by mod_auth_basic. It is important to be aware,
     however, that Basic authentication sends the password from the client to
     the server unencrypted. This method should therefore not be used for
-    highly sensitive data. Apache supports one other authentication method:
-    AuthType Digest. This method is implemented by mod_auth_digest and is much more secure. Only the most recent
-    versions of clients are known to support Digest authentication.
+    highly sensitive data, unless accompanied by mod_ssl.
+    Apache supports one other authentication method:
+    AuthType Digest. This method is implemented by mod_auth_digest and is much more secure. Most recent
+    browsers support Digest authentication.
 
     The AuthName directive sets
     the Realm to be used in the authentication. The realm serves
@@ -212,6 +230,12 @@
     will always need to ask again for the password whenever the
     hostname of the server changes.
 
+    The AuthBasicProvider is,
+    in this case, optional, since file is the default value
+    for this directive. You'll need to use this directive if you are
+    choosing a different source for authentication, such as
+    mod_authn_dbm or mod_authn_dbd.
+
     The AuthUserFile
     directive sets the path to the password file that we just
     created with htpasswd. If you have a large number
@@ -269,6 +293,8 @@
     

       AuthType Basic

       AuthName "By Invitation Only"

+      # Optional line:
+      AuthBasicProvider file
       AuthUserFile /usr/local/apache/passwd/passwords

       AuthGroupFile /usr/local/apache/passwd/groups

       Require group GroupName
@@ -317,71 +343,31 @@
     different authentication method at that time.

 

 
-What other neat stuff can I
-do?
-    Authentication by username and password is only part of the
-    story. Frequently you want to let people in based on something
-    other than who they are. Something such as where they are
-    coming from.
+Alternate password storage
 
-    The Allow and
-    Deny directives let
-    you allow and deny access based on the host name, or host
-    address, of the machine requesting a document. The
-    Order directive goes
-    hand-in-hand with these two, and tells Apache in which order to
-    apply the filters.
+    Because storing passwords in plain text files has the above
+    problems, you may wish to store your passwords somewhere else, such
+    as in a database.
 
-    The usage of these directives is:
+    mod_authn_dbm and mod_authn_dbd
+    are two modules which make this possible. Rather than selecting
+    AuthBasicSource file,
+    instead you can choose dbm or dbd as your
+    storage format.
 
-    
-      Allow from address
-    
+    To select a dbd file rather than a text file, for example:
 
-    where address is an IP address (or a partial IP
-    address) or a fully qualified domain name (or a partial domain
-    name); you may provide multiple addresses or domain names, if
-    desired.
-
-    For example, if you have someone spamming your message
-    board, and you want to keep them out, you could do the
-    following:
-
     
-      Deny from 205.252.46.165
+    <Directory /www/docs/private>

+    AuthName "Private"

+    AuthType Basic

+    AuthBasicProvider dbm

+    AuthDBMUserFile /www/passwords/passwd.dbm

+    Require valid-user
     
 
-    Visitors coming from that address will not be able to see
-    the content covered by this directive. If, instead, you have a
-    machine name, rather than an IP address, you can use that.
-
-    
-      Deny from host.example.com
-    
-
-    And, if you'd like to block access from an entire domain,
-    you can specify just part of an address or domain name:
-
-    
-      Deny from 192.101.205

-      Deny from cyberthugs.com moreidiots.com

-      Deny from ke
-    
-
-    Using Order will let you
-    be sure that you are actually restricting things to the group that you want
-    to let in, by combining a Deny and an Allow directive:
-
-    
-      Order deny,allow

-      Deny from all

-      Allow from dev.example.com
-    
-
-    Listing just the Allow
-    directive would not do what you want, because it will let folks from that
-    host in, in addition to letting everyone in. What you want is to let
-    only those folks in.
+    Other options are available. Consult the
+    mod_authn_dbm documentation for more details.
 

 
 More information
@@ -390,6 +376,10 @@
     contain some more information about how this all works.
     mod_authn_alias can also help in simplifying certain
     authentication configurations.
+
+    And you may want to look at the Access
+    Control howto, which discusses a number of related topics.
+


 
 Available Languages:  en  |
Index: docs/manual/howto/cgi.html.en
===================================================================
--- docs/manual/howto/cgi.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/cgi.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: Dynamic Content with CGI
+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: Dynamic Content with CGI
 
 Available Languages:  en  |
  ja  |
Index: docs/manual/howto/index.xml
===================================================================
--- docs/manual/howto/index.xml	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/index.xml	(.../branches/2.2.x)	(wersja 358411)
@@ -30,18 +30,30 @@
     How-To / Tutorials
 
     

-      Authentication
+      Authentication and Authorization
       
         Authentication is any process by which you verify that
         someone is who they claim they are. Authorization is any
         process by which someone is allowed to be where they want to
         go, or to have information that they want to have.
 
-        See: Authentication, Authorization, and Access Control
+        See: Authentication, Authorization
       
     
 
     
+      Access Control
+      
+        Access control refers to the process of restricting, or
+        granting access to a resource based on arbitrary criteria. There
+        are a variety of different ways that this can be
+        accomplished.
+
+        See: Access Control
+      
+    
+
+   
       Dynamic Content with CGI
       
         The CGI (Common Gateway Interface) defines a way for a web
Index: docs/manual/howto/ssi.html.ja.euc-jp
===================================================================
--- docs/manual/howto/ssi.html.ja.euc-jp	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/ssi.html.ja.euc-jp	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > How-To / チュ〖トリアル
Apache チュ〖トリアル: Server Side Includes 掐嚏
+Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > How-To / チュ〖トリアル
Apache チュ〖トリアル: Server Side Includes 掐嚏
 
 Available Languages:  en  |
  ja  |
Index: docs/manual/howto/index.xml.ko
===================================================================
--- docs/manual/howto/index.xml.ko	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/index.xml.ko	(.../branches/2.2.x)	(wersja 358411)
@@ -1,7 +1,7 @@
 
 
 
-
+
 
 
+
 
 
+
+
+
+
+How-To / Tutorials
+
+Access Control
+
+

+    Access control refers to any means of controlling access to any
+    resource. This is separate from authentication and authorization.
+
+
+Related Modules and Directives
+
+Access control can be done by several different modules. The most
+important of these is mod_authz_host. Other modules
+discussed in this document include mod_setenvif and
+mod_rewrite.
+
+
+
+Access control by host
+    
+    If you wish to restrict access to portions of your site based on the
+    host address of your visitors, this is most easily done using
+    mod_authz_host.
+    
+
+    The Allow and
+    Deny directives let
+    you allow and deny access based on the host name, or host
+    address, of the machine requesting a document. The
+    Order directive goes
+    hand-in-hand with these two, and tells Apache in which order to
+    apply the filters.
+
+    The usage of these directives is:
+
+    
+      Allow from address
+    
+
+    where address is an IP address (or a partial IP
+    address) or a fully qualified domain name (or a partial domain
+    name); you may provide multiple addresses or domain names, if
+    desired.
+
+    For example, if you have someone spamming your message
+    board, and you want to keep them out, you could do the
+    following:
+
+    
+      Deny from 205.252.46.165
+    
+
+    Visitors coming from that address will not be able to see
+    the content covered by this directive. If, instead, you have a
+    machine name, rather than an IP address, you can use that.
+
+    
+      Deny from host.example.com
+    
+
+    And, if you'd like to block access from an entire domain,
+    you can specify just part of an address or domain name:
+
+    
+      Deny from 192.101.205

+      Deny from cyberthugs.com moreidiots.com

+      Deny from ke
+    
+
+    Using Order will let you
+    be sure that you are actually restricting things to the group that you want
+    to let in, by combining a Deny and an Allow directive:
+
+    
+      Order deny,allow

+      Deny from all

+      Allow from dev.example.com
+    
+
+    Listing just the Allow
+    directive would not do what you want, because it will let folks from that
+    host in, in addition to letting everyone in. What you want is to let
+    only those folks in.
+
+
+Access control by environment variable
+
+    
+    mod_authz_host, in conjunction with
+    mod_setenvif, can be used to restrict access to
+    your website based on the value of arbitrary environment variables.
+    This is done with the Allow from env= and Deny
+    from env= syntax.
+    
+
+    
+    SetEnvIf User-Agent BadBot GoAway=1

+    Order allow,deny

+    Allow from all

+    Deny from env=GoAway
+    
+
+    Warning:
+    Access control by User-Agent is an unreliable technique,
+    since the User-Agent header can be set to anything at all,
+    at the whim of the end user.
+    
+
+    
+    In the above example, the environment variable GoAway
+    is set to 1 if the User-Agent matches the
+    string BadBot. Then we deny access for any request when
+    this variable is set. This blocks that particular user agent from
+    the site.
+    
+
+    An environment variable test can be negated using the =!
+    syntax:
+
+    
+    Allow from env=!GoAway
+    
+
+
+
+Access control with mod_rewrite
+
+The [F] RewriteRule flag causes a 403 Forbidden
+response to be sent. Using this, you can deny access to a resource based
+on arbitrary criteria.
+
+For example, if you wish to block access to a resource between 8pm
+and 6am, you can do this using mod_rewrite.
+
+
+RewriteEngine On

+RewriteCond %{TIME_HOUR} > 20 [OR]

+RewriteCond %{TIME_HOUR} < 07

+RewriteRule ^/fridge - [F]
+
+
+This will return a 403 Forbidden response for any request after 8pm
+or before 7am. This technique can be used for any criteria that you wish
+to check. You can also redirect, or otherwise rewrite these requests, if
+that approach is preferred.
+
+
+
+More information
+    You should also read the documentation for
+    mod_auth_basic and mod_authz_host which
+    contain some more information about how this all works.
+    mod_authn_alias can also help in simplifying certain
+    authentication configurations.
+
+    See the Authentication and Authorization
+    howto.
+
+
+
+

Zmiany atrybut贸w dla: docs/manual/howto/access.xml
___________________________________________________________________
Nazwa: svn:eol-style
   + native
Nazwa: svn:keywords
   + LastChangedRevision

Index: docs/manual/howto/auth.xml
===================================================================
--- docs/manual/howto/auth.xml	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/auth.xml	(.../branches/2.2.x)	(wersja 358411)
@@ -81,6 +81,10 @@
   of the request, but is not part of the authentication provider
   system.
 
+  You probably also want to take a look at the Access Control howto, which discusses the
+  various ways to control access to your server.
+
 
 
 Introduction
@@ -91,6 +95,11 @@
 
     This article covers the "standard" way of protecting parts
     of your web site that most of you are going to use.
+
+    Note:
+    If your data really needs to be secure, consider using
+    mod_ssl in addition to any authentication.
+    
 
 
 The Prerequisites
@@ -128,7 +137,12 @@
     Here's the basics of password protecting a directory on your
     server.
 
-    You'll need to create a password file. This file should be
+    
First, you need to create a password file. Exactly how you do
+    this will vary depending on what authentication provider you have
+    chosen. More on that later. To start with, we'll use a text password
+    file.
+
+    This file should be
     placed somewhere not accessible from the web. This is so that
     folks cannot download the password file. For example, if your
     documents are served out of /usr/local/apache/htdocs you
@@ -137,7 +151,10 @@
 
     
To create the file, use the htpasswd utility that
     came with Apache. This will be located in the bin directory
-    of wherever you installed Apache. To create the file, type:
+    of wherever you installed Apache. If you have installed Apache from
+    a third-party package, it may be in your execution path.
+    
+    To create the file, type:
 
     
       htpasswd -c /usr/local/apache/passwd/passwords rbowen
@@ -155,8 +172,8 @@
 
     If htpasswd is not in your path, of course
     you'll have to type the full path to the file to get it to run.
-    On my server, it's located at
-    /usr/local/apache/bin/htpasswd
+    With a default installation, it's located at
+    /usr/local/apache2/bin/htpasswd
 
     Next, you'll need to configure the server to request a
     password and tell the server which users are allowed access.
@@ -172,6 +189,8 @@
     
       AuthType Basic

       AuthName "Restricted Files"

+      # (Following line optional)

+      AuthBasicProvider file

       AuthUserFile /usr/local/apache/passwd/passwords

       Require user rbowen
     
@@ -183,10 +202,11 @@
     implemented by mod_auth_basic. It is important to be aware,
     however, that Basic authentication sends the password from the client to
     the server unencrypted. This method should therefore not be used for
-    highly sensitive data. Apache supports one other authentication method:
+    highly sensitive data, unless accompanied by mod_ssl.
+    Apache supports one other authentication method:
     AuthType Digest. This method is implemented by mod_auth_digest and is much more secure. Only the most recent
-    versions of clients are known to support Digest authentication.
+    >mod_auth_digest and is much more secure. Most recent
+    browsers support Digest authentication.
 
     The AuthName directive sets
     the Realm to be used in the authentication. The realm serves
@@ -205,6 +225,13 @@
     will always need to ask again for the password whenever the
     hostname of the server changes.
 
+    The AuthBasicProvider is,
+    in this case, optional, since file is the default value
+    for this directive. You'll need to use this directive if you are
+    choosing a different source for authentication, such as
+    mod_authn_dbm or mod_authn_dbd.
+
     The AuthUserFile
     directive sets the path to the password file that we just
     created with htpasswd. If you have a large number
@@ -266,6 +293,8 @@
     
       AuthType Basic

       AuthName "By Invitation Only"

+      # Optional line:
+      AuthBasicProvider file
       AuthUserFile /usr/local/apache/passwd/passwords

       AuthGroupFile /usr/local/apache/passwd/groups

       Require group GroupName
@@ -314,73 +343,31 @@
     different authentication method at that time.
 
 
-What other neat stuff can I
-do?
-    Authentication by username and password is only part of the
-    story. Frequently you want to let people in based on something
-    other than who they are. Something such as where they are
-    coming from.
+Alternate password storage
 
-    The Allow and
-    Deny directives let
-    you allow and deny access based on the host name, or host
-    address, of the machine requesting a document. The
-    Order directive goes
-    hand-in-hand with these two, and tells Apache in which order to
-    apply the filters.
+    Because storing passwords in plain text files has the above
+    problems, you may wish to store your passwords somewhere else, such
+    as in a database.
 
-    The usage of these directives is:
+    mod_authn_dbm and mod_authn_dbd
+    are two modules which make this possible. Rather than selecting
+    AuthBasicSource file,
+    instead you can choose dbm or dbd as your
+    storage format.
 
-    
-      Allow from address
-    
+    To select a dbd file rather than a text file, for example:
 
-    where address is an IP address (or a partial IP
-    address) or a fully qualified domain name (or a partial domain
-    name); you may provide multiple addresses or domain names, if
-    desired.
-
-    For example, if you have someone spamming your message
-    board, and you want to keep them out, you could do the
-    following:
-
     
-      Deny from 205.252.46.165
+    <Directory /www/docs/private>

+    AuthName "Private"

+    AuthType Basic

+    AuthBasicProvider dbm

+    AuthDBMUserFile /www/passwords/passwd.dbm

+    Require valid-user
     
 
-    Visitors coming from that address will not be able to see
-    the content covered by this directive. If, instead, you have a
-    machine name, rather than an IP address, you can use that.
-
-    
-      Deny from host.example.com
-    
-
-    And, if you'd like to block access from an entire domain,
-    you can specify just part of an address or domain name:
-
-    
-      Deny from 192.101.205

-      Deny from cyberthugs.com moreidiots.com

-      Deny from ke
-    
-
-    Using Order will let you
-    be sure that you are actually restricting things to the group that you want
-    to let in, by combining a Deny and an Allow directive:
-
-    
-      Order deny,allow

-      Deny from all

-      Allow from dev.example.com
-    
-
-    Listing just the Allow
-    directive would not do what you want, because it will let folks from that
-    host in, in addition to letting everyone in. What you want is to let
-    only those folks in.
+    Other options are available. Consult the
+    mod_authn_dbm documentation for more details.
 
 
 More information
@@ -389,6 +376,10 @@
     contain some more information about how this all works.
     mod_authn_alias can also help in simplifying certain
     authentication configurations.
+
+    And you may want to look at the Access
+    Control howto, which discusses a number of related topics.
+
 
 
 
Index: docs/manual/howto/htaccess.html.en
===================================================================
--- docs/manual/howto/htaccess.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/htaccess.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: .htaccess files
+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: .htaccess files
 
 Available Languages:  en  |
  ja  |
Index: docs/manual/howto/cgi.html.ko.euc-kr
===================================================================
--- docs/manual/howto/cgi.html.ko.euc-kr	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/cgi.html.ko.euc-kr	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
酒颇摹 捧配府倔: CGI甫 荤侩茄 悼利 其捞瘤 积己
+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
酒颇摹 捧配府倔: CGI甫 荤侩茄 悼利 其捞瘤 积己
 
 啊瓷茄 攫绢:  en  |
  ja  |
Index: docs/manual/howto/ssi.html.en
===================================================================
--- docs/manual/howto/ssi.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/ssi.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: Introduction to Server Side Includes
+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Apache Tutorial: Introduction to Server Side Includes
 
 Available Languages:  en  |
  ja  |
Index: docs/manual/howto/public_html.html.en
===================================================================
--- docs/manual/howto/public_html.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/public_html.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Per-user web directories
+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials
Per-user web directories
 
 Available Languages:  en  |
  ja  |
Index: docs/manual/howto/index.html.ko.euc-kr
===================================================================
--- docs/manual/howto/index.html.ko.euc-kr	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/index.html.ko.euc-kr	(.../branches/2.2.x)	(wersja 358411)
@@ -16,12 +16,14 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2
How-To / 捧配府倔
+Apache > HTTP Server > Documentation > Version 2.2
How-To / 捧配府倔
 
 啊瓷茄 攫绢:  en  |
  ja  |
  ko 
 
+捞 巩辑绰 弥脚魄 锅开捞 酒凑聪促.
+            弥辟俊 函版等 郴侩篮 康绢 巩辑甫 曼绊窍技夸.
 
 
 
Index: docs/manual/howto/auth.xml.ko
===================================================================
--- docs/manual/howto/auth.xml.ko	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/howto/auth.xml.ko	(.../branches/2.2.x)	(wersja 358411)
@@ -1,7 +1,7 @@
 
 
 
-
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
-mod_imap - Apache HTTP Server
+mod_imagemap - Apache HTTP Server
 
 
 
@@ -17,9 +17,9 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > 葛碘
+Apache > HTTP Server > Documentation > Version 2.2 > 葛碘
 
-酒颇摹 葛碘 mod_imap
+酒颇摹 葛碘 mod_imagemap
 
 啊瓷茄 攫绢:  en  |
  ko 
@@ -28,8 +28,8 @@
             弥辟俊 函版等 郴侩篮 康绢 巩辑甫 曼绊窍技夸.
 
-
-汲疙: 辑滚螟 捞固瘤甘(imagemap) 贸府
 惑怕: Base
葛碘疙: imap_module
家胶颇老: mod_imap.c
+葛碘疙:imagemap_module
+家胶颇老:mod_imagemap.c
 夸距
 
     捞 葛碘篮 imagemap CGI 橇肺弊伐阑 措脚窍咯
@@ -280,7 +280,7 @@
 荤侩厘家:林辑滚汲沥, 啊惑龋胶飘, directory, .htaccess
 Override 可记:Indexes
 惑怕:Base
-葛碘:mod_imap
+葛碘:mod_imagemap
 
     
ImapBase 瘤矫绢绰 捞固瘤甘 颇老俊辑
     荤侩且 base 扁夯蔼阑 汲沥茄促. 捞固瘤甘 颇老
@@ -303,7 +303,7 @@
 荤侩厘家:林辑滚汲沥, 啊惑龋胶飘, directory, .htaccess
 Override 可记:Indexes
 惑怕:Base
-葛碘:mod_imap
+葛碘:mod_imagemap
 
     
ImapDefault 瘤矫绢绰 捞固瘤甘
     颇老俊辑 荤侩且 default 扁夯蔼阑 汲沥茄促.
@@ -322,7 +322,7 @@
 荤侩厘家:林辑滚汲沥, 啊惑龋胶飘, directory, .htaccess
 Override 可记:Indexes
 惑怕:Base
-葛碘:mod_imap
+葛碘:mod_imagemap
 
     
ImapMenu 瘤矫绢绰 捞固瘤甘 颇老俊
     蜡瓤茄 谅钎甫 林瘤 臼篮 版快 秒且 青悼阑 搬沥茄促.
Index: docs/manual/mod/mod_so.html.en
===================================================================
--- docs/manual/mod/mod_so.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/mod_so.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -17,7 +17,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > Modules
+Apache > HTTP Server > Documentation > Version 2.2 > Modules
 
 Apache Module mod_so
 
Index: docs/manual/mod/mod_dav.html.ja.euc-jp
===================================================================
--- docs/manual/mod/mod_dav.html.ja.euc-jp	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/mod_dav.html.ja.euc-jp	(.../branches/2.2.x)	(wersja 358411)
@@ -17,7 +17,7 @@
 
 
 
-Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > モジュ〖ル
+Apache > HTTP サ〖バ > ドキュメンテ〖ション > バ〖ジョン 2.2 > モジュ〖ル
 
 Apache モジュ〖ル mod_dav
 
Index: docs/manual/mod/mod_authn_anon.html.ko.euc-kr
===================================================================
--- docs/manual/mod/mod_authn_anon.html.ko.euc-kr	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/mod_authn_anon.html.ko.euc-kr	(.../branches/2.2.x)	(wersja 358411)
@@ -17,7 +17,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > 葛碘
+Apache > HTTP Server > Documentation > Version 2.2 > 葛碘
 
 酒颇摹 葛碘 mod_authn_anon
 
Index: docs/manual/mod/directive-dict.html.ko.euc-kr
===================================================================
--- docs/manual/mod/directive-dict.html.ko.euc-kr	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/directive-dict.html.ko.euc-kr	(.../branches/2.2.x)	(wersja 358411)
@@ -16,7 +16,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2
瘤矫绢甫 汲疙窍绰单 荤侩茄 侩绢甸
+Apache > HTTP Server > Documentation > Version 2.2
瘤矫绢甫 汲疙窍绰单 荤侩茄 侩绢甸
 
 啊瓷茄 攫绢:  en  |
  ja  |
Index: docs/manual/mod/mpm_common.html.en
===================================================================
--- docs/manual/mod/mpm_common.html.en	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/mpm_common.html.en	(.../branches/2.2.x)	(wersja 358411)
@@ -17,7 +17,7 @@
 
 
 
-Apache > HTTP Server > Documentation > Version 2.2 > Modules
+Apache > HTTP Server > Documentation > Version 2.2 > Modules
 
 Apache MPM Common Directives
 
Index: docs/manual/mod/core.xml.de
===================================================================
--- docs/manual/mod/core.xml.de	(.../tags/2.2.0)	(wersja 358411)
+++ docs/manual/mod/core.xml.de	(.../branches/2.2.x)	(wersja 358411)
@@ -1,7 +1,7 @@
 
 
 
-
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+
 
 
+

汲疙:	辑滚螟捞固瘤甘(imagemap) 贸府
惑怕:	Base
葛碘疙:	imap_module
家胶颇老:	mod_imap.c

匿贿と浩弹瓢

匿贿と浩弹瓢

酒颇摹 矫累

酒颇摹 矫累

Documenting Apache 2.0

Documenting Apache 2.0

モジュ〖ルの Apache 1.3 から Apache 2.0 への败竣

モジュ〖ルの Apache 1.3 から Apache 2.0 への败竣

Debugging Memory Allocation in APR

Debugging Memory Allocation in APR

Converting Modules from Apache 1.3 to Apache 2.0

Converting Modules from Apache 1.3 to Apache 2.0

How filters work in Apache 2.0

How filters work in Apache 2.0

Apache 1.3 API notes

Apache 1.3 API notes

Apache 2.0 Thread Safety Issues

Apache 2.0 Thread Safety Issues

Apache 2.0 Hook Functions

Apache 2.0 Hook Functions

Request Processing in Apache 2.0

Request Processing in Apache 2.0

Developer Documentation for Apache 2.0

Developer Documentation for Apache 2.0

Access Control

Warning:

Authentication, Authorization and Access Control

Authentication, Authorization and Access Control

Note:

Apache Tutorial: Dynamic Content with CGI

Apache Tutorial: Dynamic Content with CGI

Apache チュ〖トリアル: Server Side Includes 掐嚏

Apache チュ〖トリアル: Server Side Includes 掐嚏

Apache Tutorial: .htaccess files

Apache Tutorial: .htaccess files

酒颇摹 捧配府倔: CGI甫 荤侩茄 悼利 其捞瘤 积己

酒颇摹 捧配府倔: CGI甫 荤侩茄 悼利 其捞瘤 积己

Apache Tutorial: Introduction to Server Side Includes

Apache Tutorial: Introduction to Server Side Includes

Per-user web directories

Per-user web directories

How-To / 捧配府倔

How-To / 捧配府倔

酒颇摹 葛碘 mod_imap

酒颇摹 葛碘 mod_imagemap

夸距

Apache Module mod_so

Apache モジュ〖ル mod_dav

酒颇摹 葛碘 mod_authn_anon

瘤矫绢甫 汲疙窍绰单 荤侩茄 侩绢甸

瘤矫绢甫 汲疙窍绰单 荤侩茄 侩绢甸

Apache MPM Common Directives

酒颇摹矫累

酒颇摹矫累

酒颇摹捧配府倔: CGI甫荤侩茄悼利其捞瘤积己

酒颇摹捧配府倔: CGI甫荤侩茄悼利其捞瘤积己

酒颇摹葛碘 mod_imap

酒颇摹葛碘 mod_imagemap

酒颇摹葛碘 mod_authn_anon

瘤矫绢甫汲疙窍绰单荤侩茄侩绢甸

瘤矫绢甫汲疙窍绰单荤侩茄侩绢甸