When I was working on
MODULES-1622 I noticed the behaviour of Allow/Deny directives is behaving potentially dangerously.
Consider the following manifest:
On a OS which uses Apache 2.2 this works correctly like you'd expect.
However on a OS which uses Apache 2.4 the allow and deny is silently dropped, which results in this actual configuration:
In my opinion if you are using Apache 2.4 and are setting those deprecated parameters the manifest should flat out fail - or at the very least warn you.
Dropping those parameters and defaulting to `Require all granted` is dangerous.
This also affects the Order and Satisfy directives in the same way.