Access control is a requirement for many websites. This means that certain content or areas of the website are only accessible to clients that come from a particular range of IP addresses or provide a valid username and password, for example. Access control can be implemented at a variety of levels, including at the operating-system level with packet filtering rules and at the web application level with forms, sessions, and cookies. This chapter deals exclusively with implementing access control, authentication, and authorization using the bundled Apache modules. This chapter also explains how different configuration settings can affect the security of your server ...