14.5 Configuring Apache Containers

Apache containers are special directives that group other directives, often to create separate web directory hierarchies with different characteristics. A container is delimited by the XML-style tags <type> and </type>, where type is the container type.

The following are examples of container types:

<Directory directory-path>

Applies the contained directives to directories under directory-path. The following example applies the Deny, Allow, and AllowOverride directives to all files and directories under /var/www/html/sandbox.

<Directory /var/www/html/sandbox>
  Deny from all
  Allow from 192.168.2.
  AllowOverride All

The AllowOverride directive is only used in Directory containers and specifies which classes of directives are allowed in .htaccess files. (.htaccess configuration files typically contain user authentication directives for a web directory.) The directive classes control such aspects as authorization, client access, and directory indexing. You can specify the argument All to permit all classes of directives in .htaccess files, a space-separated list of directive classes to permit only those classes, or None to make the server ignore .htaccess files altogether.


If SELinux is enabled on the system, you must change the default file type if the file system hierarchy specified by <Directory> is not under /var/www/html.

<IfModule [!]module>

Applies directives if the specified module has been loaded, or, when the exclamation point (!) is specified, if the module has not been loaded.

The following example disallows user-published content if mod_userdir.c has been loaded:

<IfModule mod_userdir.c>
  UserDir disabled
<Limit method ...>

Places limits on the specified HTTP methods (such as GET, OPTIONS, POST, and PUT) for use with a Uniform Resource Identifier (URI).

The following example limits systems in mydom.com to using only the GET and PUT methods to perform HTTP downloads and uploads:

<Limit GET PUT>
  Order deny,allow
  Deny from all
  Allow from .example.com

Systems outside mydom.com cannot use GET and PUT with the URI.

<LimitExcept method ...>

Places limits on all except the specified HTTP methods for use with a Uniform Resource Identifier (URI).

The following example disallows any system from using any method other than GET and POST:

<LimitExcept GET POST>
  Order deny,allow
  Deny from all
VirtualHost IP_address:port ...

Specifies a group of directives that define a container for a virtual host. See Section 14.6, “Configuring Apache Virtual Hosts”.