Apache > HTTP Server > Documentation > Version 2.5 > Modules

Apache Module mod_allowhandlers

Description: Easily restrict what HTTP handlers can be used on the server
Status: Experimental
Module Identifier: allowhandlers_module
Source File: mod_allowhandlers.c


This module makes it easy to restrict which handlers may be used for a request. A possible configuration would be:

<Location "/">
  AllowHandlers not server-info server-status balancer-manager ldap-status

It also registers a handler named forbidden that simply returns 403 FORBIDDEN to the client. This can be used with directives like AddHandler.


Bugfix checklist

See also


AllowHandlers Directive

Description: Restrict access to the listed handlers
Syntax: AllowHandlers [not] none|handler-name [none|handler-name]...
Default: AllowHandlers all
Context: directory
Status: Experimental
Module: mod_allowhandlers

The handler names are case sensitive. The special name none can be used to match the case where no handler has been set. The special value all can be used to allow all handlers again in a later config section, even if some headers were denied earlier in the configuration merge order:

<Location "/server-status">
  AllowHandlers all
  SetHandler server-status