All webapps have been migrated to new mod_authz_host access syntax and usage of mod_access_compat is strongly discouraged. The rationale for it is that access_compat and authz_host are independent of each other and operate on separate namespaces. Main httpd configs contain only authz_host directives and enabling access_compat means allowing access to all locations/directories that are not explicitly denied by authz_host.

Note: In case there exist both authz_host and access_compat directives for a location, the Deny clause of ANY of them takes precedence (in short: deny always wins, regardless where it comes from).