27/01/10 Directives may be global/server-wide (server config) directives - these apply across the whole server/web site Or they may be placed within container directives e.g. directory level (applies to the directory and all its sub-directories) DefaultLanguage fr e.g. file level ... e.g. location (i.e. start of a URL) ... Or they may be place within conditional containers e.g. IfModule AddEnecoding x-gzip .gz Directives may also appear in a per-directory configuration file, whose name is usually .htaccess - Directives in .htaccess files apply to the directory where the .htacess file lives and all its sub-directories - Flexibility: unlike changes to httpd.conf, if you change .htacess, you don't need to restart server for directives to take effect; makes it possible for people to put .htaccess files into their own public_html directories to configure their part of the web site - Cost: for each request from the client, server searches for .htaccess files in each directory from the root of the filesystem down; also people may put foolish directives into these files. - If the cost is too high, we can disable by putting directives into httpd.conf - E.g. to disallow .htaccess files AllowOverride None - E.g. to disallow at top of the filesystem but allow them lower down (thus reducing the cost) AllowOverride None AllowOverride All - E.g. to allow .htaccess files but only allow them to contain a subset of directives AllowOverride None AllowOverride FileInfo This allows only those that belong to the FileInfo group of directives.