We want to Allow only specific Methods i.e. HEAD POST GET.so we are using.<Location />
<LimitExcept HEAD POST GET>
Require all denied
</Location>Location is required, because we use mod_proxy, so no directory access is performed.Strangely it overrules a previous defined.
SetHandler server-infoRequire local</Location>So as a result server-info is accessible from everywhere.According to my understanding, and documentation this behavior is not correct.
</LimitExcept>are used to enclose a group of access control directives which will then apply to any HTTP access method not listed in the argumentsThanks a lot!Regards,Lothar