During my .htaccess i acquired the next:
<Limit GET POST> order deny,allow deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> <Files .htaccess> order allow,deny deny from all </Files>
Now shall we be held just stupid or perhaps is a problem? , i looked on the internet and Apache documentation and do not comprehend the limit get publish put remove etc but shall we be held write in thinking whatever it's doing the work says to permit then after permitting it's denying again? it simply doesn't make sence in my experience and never confident that i ought to remove from .htaccess or correct it if wrong? could someone help as either it's wrong or i am am stupid. I suppose the 3rd one means deny use of .htaccess file but this order allow then deny appears enjoy it first enables then immediately denys i am confused.
Once more thank you for any help.
This can be a quite confusing method of using Apache configuration directives.
Technically, the very first bit is the same as
Allow From All
The reason being
Order Deny,Allow helps make the Deny directive examined prior to the Allow Directives.
Within this situation, Deny and permit conflict with one another, but Allow, being the final examined will match any user, and access is going to be granted.
Now, simply to make things obvious, this type of configuration isn't good and really should be prevented whatsoever cost, since it edges undefined behavior.
The Limit sections define which HTTP techniques have the directory that contains the .htaccess file.
Here, GET and Publish techniques are permitted access, and set and Remove techniques are refused access. Here is a link explaining exactly what the various HTTP techniques are: http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
However, it's a lot more than frequently useless to make use of these restrictions as lengthy as you do not have custom CGI scripts or Apache modules that directly handle the non-standard techniques (PUT and Remove), since automatically, Apache doesn't handle them whatsoever.
It has to also be observed that a couple of other techniques exist that may also be handled by Limit, namely CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK.
The final bit can also be most definitely useless, since any properly set up Apache installation consists of the next bit of configuration:
# # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # <Files ~ "^\.ht"> Order allow,deny Deny from all Satisfy all </Files>
which prohibits use of any file beginning by ".ht".