In the page that appears, click the link for the directory you want to restrict.
The directories listed in this page are in the servers document root. Once
you click a link, the Editing drop-down
list displays the absolute path to the directory.
If you want to view all files in your server root, click Options and check
the box labeled List files as well as directories
and then click OK.
Click Edit Access Control.
The two-frame pages appear.
Click New Line twice to create two rules.
Don't edit the default values for the first rulethey deny all access to the
directory. You'll edit the second rule to allow read access to the
"executives" group.
Click Deny in the second rule. In the bottom frame that appears, check Allow, and then click Update.
Click anyone in the second rule. In the bottom frame, type the group you want to have access to the server. For this example, type executives in the Group field. Click Update.
Click all in the top frame. Uncheck
the Write and Delete access rights.
This means the users in the executives group can't add or remove files, but
they can view them and run any applications in the directories. Click
Update.
Click New Line to create a rule for the "ceo" user. Check Allow for the third rule.
Click anyone. In the bottom frame, type ceo in the User field. Click Update.
Uncheck Continue for both the second and the third rules.
This means that the server ignores any ACLs for directories or files under
the directory you specified in Step 3. The frame should look like the one
in Figure 14.6.