If your .htaccess
file contains directives that aren’t
covered by the current set of override categories, they won’t
cause an error — the server will just ignore them. So your
file can contain directives in any — or all — of the categories,
and only those in the categories listed in the AllowOverride
list will be processed. All of the others will be checked for
syntax, but otherwise not interpreted.
Overrides: Limiting Which Directives Will
Be Processed
Apache directives fall into seven different categories, and all can
appear in the server-wide config files. Only five of the categories
can be used in .htaccess
files, though, and in order for
Apache to accept a directive in a per-directory file,
the settings for the directory must permit the directive’s
category to be overridden.
The five categories of directives are:
AuthConfig
- This category is intended to be used to control
directives that have to do with Web page security, such as
theAuthName
,Satisfy
, andRequire
directives. This is the most common category to allow to be
overridden, as it allows users to protect their own documents. FileInfo
- Directives that control how files are processed are
Indexes
- Directives that affect file listings should be in this
category. It includesIndexOptions
,
AddDescription
, andDirectoryIndex
,
for example. Limit
- This category is similar to the
AuthConfig
one
in that the directives it covers are typically related to
security. However, they usually involve involuntary
controls, such as controlling access by IP address.
Directive in this category includeOrder
,
Allow
, andDeny
. Options
- The
Options
category is intended for directives
that support miscellaneous options, such as
ContentDigest
,XBitHack
, and
Options
itself.
A special directive, which is usable only in the server-wide
configuration files, dictates which categories may be overridden
in any particular directory tree.
The AllowOverride
directive accepts two special
keywords in addition to the category names listed above:
All
- This is a shorthand way of listing all of the
categories; the two statements below are equivalent:AllowOverride AuthConfig FileInfo Indexes Limits Options AllowOverride All
None
- This keyword totally disables the processing of
.htaccess
files for the specified directory and
its descendants (unless anotherAllowOverride
directive for a subdirectory is defined in the server config files).
‘Disabled’ means that Apache won’t even look for
.htaccess
files, much less process them. This
can result in a performance savings, and is why the
defaulthttpd.conf
file includes such a
directive for the top-level system directory.
.htaccess
processing is disabled for all
directories by default by that directive, and is only
selectively enabled for those trees where it makes
sense.