There could be cases where you would not want clients in other machines to invoke a BPEL process or an ESB Service, but you would still want to view the WSDL of the process/service from the BPEL Console/ESB Control. For instance, you might have a BPEL process on the machine A[host name="exampledel.oracle.com"], and you wish to prevent invocation of the process from all machines other than A.
You can use the <Limit> directive to achieve the desired behaviour.
<Limit POST PUT DELETE>
Deny from all
Allow from exampldel.oracle.com
This ensures that "GET" requests are allowed from anywhere [for viewing the WSDLs etc], but "POST" which is used for SOAP invocation of the Service is only allowed from the machine exampledel.oracle.com.