We are trying to disallow certain assets being accessible and following two entries do not seem to be working. Your insight will greatly help.
/filter
{
....
/0002 { /type "deny" /glob "* /var/log/*" }
/0003 { /type "deny" /glob "* /proc/self/*" }
Even if I deny everything using /0001 { /type "deny" /glob "*" }, still we are able to access the assets /var/log/ and proc/self/ directories.
I looked at the documentation and I did not find anything where dispatcher always allows certain assets.
Only workaround we found is that in the httpd conf file, if we add a new directory entry then it works as expected.
<Directory /var/log>
Order Deny,Allow
Deny from all
</Directory>