Apache containers are special configuration directives that group other directives. The containers use XML-style tags, meaning that the beginning of a container is <name> and the end is </name>. An index of all the container directives is available at http://httpd.apache.org/docs/current/sections.html. The following are examples of containers:
<Directory directory-path>
This container applies directives to directories within directory-path. The example applies Deny, Allow, and AllowOverride directives to all files and directories within the /var/www/html/test directory hierarchy. Indenting is for readability only.
<Directory /var/www/html/test>
Deny from all
Allow from 192.168.2.
AllowOverride All
</Directory>
The AllowOverride directive in this container specifies classes of directives that are allowed in .htaccess files. The .htaccess files are other configuration files that typically contain user authentication directives. The ALL argument to AllowOverride means that all classes of directives are allowed in the .htaccess files. There are classes of directives that control authorization, control client access, control directory indexing, and others.
<IfModule [!]module-name>
This container applies directives if module-name is loaded. With the optional exclamation point, Apache does the inverse; that is, it sets the directives in the container if the module-name is not loaded. An example is as follows:
<IfModule mod_userdir.c>
UserDir disabled
</IfModule>
<Limit method [method] …>
This container limits access control directives to specified methods. An HTTP method specifies actions to perform on a Uniform Resource Identifier (URI). Examples of methods are GET (the default), PUT, POST, and OPTIONS. The following example disables HTTP uploads (PUT) from systems that are not in the example.com domain:
<Limit PUT>
Order deny,allow
Deny from all
Allow from .example.com
</Limit>
<LimitExcept method [method] …>
This container is the opposite of the Limit container in that it limits access control directives to
all except specified methods. The following example uses the LimitExcept container but also illustrates that containers can be nested. This example controls access to UserDir directories by restricting these directories to be read-only:
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch \
IncludesNoExec
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
The Options directive controls server features by directory. Some of these are described:
- MultiViews: Allows a page to be displayed in different languages, for example
- Indexes: Generates a directory listing if the DirectoryIndex directive is not set
- SymLinksIfOwnerMatch: Follows symbolic links if the file or directory being pointed to has the same owner as the link