On 2/25/14, 3:37 PM, Ben Reser wrote: > Both mod_authz_default and mod_authz_forbid are registering in the > APR_HOOK_LAST group. So their order is not determinate. If you want to avoid > mod_authz_forbid activating for any other traffic (with or without > mod_authz_default) loaded you should add the following directive inside your > server level of your httpd.conf (i.e. outside a Location/Directory block): > AuthzForbidAuthoritative On
The above should be "AuthzForbidAuthoritative Off". Sorry about the typo.
