Hypermedia systems (whether web sites or not) should support multilevel policiesm, offering different views and manipulation abilities of the same information to users with different needs in a particular context. Several experiences have demonstrated that role-based access control (RBAC) policies are a powerful mechanism to simplify management tasks. This paper describes the implementation and the integration in the Apache server of the MARAH model, that security designers with mechanisms to specify security rules using elements and abstractions of the hypermedia domain (such as nodes, links or contents), considering a web site as a special case of hypermedia. KEYWORDS Hypermedia, security models, role-based access control, web server.