I'm working on a project in a group. I'm the only guy using Linux. Anyways, we use git and there's one file which causes me problems.
The htaccess contains the following:
<IfModule authz_core_module>
Require all granted
</IfModule>
If I comment out the Require all granted, it works, however, when it's not commented out, it gives me a 500 server error.
I do have authz_core_module and I can't disable it because if it's not a module it will Deny from all.
Why is that line giving me a 500 server error? The file works correctly at all those other guys who use Windows. Is it something because of my Linux apache?
I got it to work by adding these 2 lines to my httpd.conf file:
<Directory /THEPATHHERE/>
Options Indexes FollowSymLinks MultiViews
AllowOverride FileInfo Indexes Authconfig
</Directory>
Related
I have a Linux box running Centos 6.6 with Apaches 2.2.x
For some unknown reason, turning on the rewrite engine causes a 403 error (this happens whether I add a rewrite rule or not).
I have spent hours researching this and have made changes to my config in accordance with advice I have found in many places, but still got nowhere.
Currently in my .htaccess I have this:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
</IfModule>
In the directives for the virtual host, I have this:
DocumentRoot /var/www/html/example.uk
<Directory /var/www/html/example.uk>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName example.uk
ServerAlias www.example.uk
(This seems to work in a Debian box, but not for my Centos machine.)
In my httpd.conf I have changed
AllowOverride None
to
AllowOverride All
my httpd.conf also contains
LoadModule rewrite_module modules/mod_rewrite.so
Error log says:
Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/html/example.uk
Now, I have previously added SymLinksIfOwnerMatch to the directives, but it didn't solve the problem.
I followed this and all seemed to go as it should.
This happens when Apache doesn't have execute rights for
/var
/var/www
/var/www/html
/var/www/html/example.uk
Run:
chmod o+x /var /var/www /var/www/html /var/www/html/example.uk
Since apache version >= 2.4 directive
Order allow,deny
allow from all
leads to a global 403, to ensure this if you check you're apache's log :
[Tue May 05 11:54:32.471679 2015] [authz_core:error] [pid 9497] [client 127.0.0.1:35908] AH01630: client denied by server configuration: /path/to/web/
Comment Directive Order and add Require all granted like bellow:
Require all granted
#Order allow,deny
#allow from all
Hope this help.
Edit :
explanation from apache
This behaviour is provided by new module mod_authz_host
For list of restriction available (ip, host, etc) http://httpd.apache.org/docs/2.4/en/mod/mod_authz_host.html
You should remove this line from htaccess
Options +FollowSymLinks
You already have it in the apache vhost file. Also if you should add a rule if you're going to turn on mod_rewrite or there is no point to turning it on.
Another possibility with Apache 2.4 is caused by Options -FollowSymlinks which will also throw a 403 error and generate the following log:
AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off,
so the RewriteRule directive is also forbidden due to its similar
ability to circumvent directory restrictions
This was not the case in the original post, but if it comes up you would need to re-enable FollowSymLinks using this line:
Options +FollowSymLinks
OK, I've been having some issues with aws or something, such that I cannot seem to get mod_rewrite to work.
Just for testing purposes I've done the following:
1 used aws console to deploy fresh ami 64 bit instance from wizard
2 yum installed apache
3 edited /etc/httpd/conf/httpd.conf:
so that
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
looks like
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
4 made sure that
LoadModule rewrite_module modules/mod_rewrite.so
is in the file and uncommented.
5 restarted apache:
sudo /sbin/service httpd restart
6 created two new files:
/var/www/html/test1.html
contains:
this is test1!
/var/www/html/test2.html
contains:
this is test2!
7 created file:
/var/www/html/.htaccess
contains (IN TOTAL):
RewriteEngine on
RewriteRule ^test1\.html$ test2.html [L]
8 went to:
http://[my aws server]/test1.html
Am getting "this is test1!"
I am doing something wrong here, but for the life of me I have no idea what. Any help is greatly appreciated...
EDIT: I added nonsense chars/numbers to the beginning of my .htaccess file, and restarted apache (not 100% sure that is needed, but what the hey...), and nothing happened. In other words, I expected that going to the url [aws server]/test1.html would result in some kind of error, but it did not. I suspect apache is not even reading the .htaccess file.
EDIT: I added the following to my httpd.conf file:
RewriteLog "/tmp/rewrite.log"
RewriteLogLevel 9
The file is created when I restart apache, but nothing ever goes in there when I go to either page I've set up. I'm failing to do something very, very basic here, but I'm not sure what...
Not sure if this is the cause of your problems, but you shouldn't mess with the
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
line, and it should be something like:
<Directory />
Options FollowSymLinks
AllowOverride None
Deny from all
</Directory>
You should add the directory of your document root as a different container:
<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Allow from all
</Directory>
Took me a while to find this but in some installs Apache will use multiple config files.
Look in "/etc/apache2/sites-enabled/000-default" and check that AllowOveride is set to All
Try it. This work for me.
The first, you need to make sure the .htaccess file put in correct directory.
For this, you go to sites-enabled folder and check which the .conf files are enabled.
cd /etc/apache2/sites-enabled
ls
Ex: 000-default.conf
Then, goto sites-available folder to edit that .conf file.
cd ../sites-available
sudo gedit 000-default.conf
Find to DocumentRoot and check directory again.
If you put .htaccess file in /var/www/html/.htaccess so this line look like this:
DocumentRoot /var/www/html/
The second, You need modify <Directory> block look like this.
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
#RedirectMatch ^/$ /apache2-default/
</Directory>
Finally, you save file and restart apache
service apache2 restart
Hope this help!
I am trying to write some rewrite rules in apache2 conf and they are not working
Following is my virtualhost block in apache conf. My os is ubuntu 12.04 server edition
DocumentRoot /var/www/xyz
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/xyz>
Options Indexes FollowSymLinks MultiViews
#AllowOverride None
AllowOverride All
Order allow,deny
#Order deny,allow
allow from all
</Directory>
I have .htaccess file with some rewrite rules as follows
ReWriteEngine on
RewriteRule ^/matchV/(.*) http://host:8080/$1
RewriteRule ^/other/(.*?)$ /httpdcontent/$1
rewrite module is enabled with apache.
Can someone tell me if i am missing anything.
Thanks,
Sandeep
First of all, a dollar sign seems to be missing on the first rewriting rule.
Then, I would recommend the use of [L] in "debug" situation. This way, only one rule would have to be corrected at the time.
If you need to check how the rewriting goes, you need to have a look at your log files /var/log/apache2/error.log and /var/log/apache2/access.log. They will tell you what URL the server tried to process, and how it failed. From this, you should be able to see what is missing, or what is "too much".
From what I see, I would say it has to do with the rewriting base. Your webserver root is probably at /var/www, and the directory for the virtual host is /var/www/xyz. I think you could fix it using something like...
RewriteBase /xyz
Anyway, edit the configurations, and don't stop checking the logs. From there, you'll see what URL/File the server tries to process, and you should be able to correct the paths it uses.
I'm currently moving a dev magento build to my live test subdomain on ubuntu and using Easy Hosting Control Panel (EHCP).
If I rename my .htaccess file to .htaccess and refresh my subdomain url, I get an internal server error 500. If I rename the .htaccess file to .htaccess.bak, and refresh, the subdomain displays my magento store fine. BUT, if I try to navigate, since the index.php isn't removed in the .htaccess file, all my links are dead unless I insert index.php between my root url and the actual page/directory I'm navigating to.
I tried over riding the /etc/apache2/sites-available/000-default and /etc/apache2/sites-available/default files to AllowOverride All:
<VirtualHost *>
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/vhosts/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order Allow,Deny
Allow from All
</Directory>
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
ErrorLog /var/log/apache2/error.log
LogLevel debug
CustomLog /var/log/apache2/access.log combineddefault
but changing that in either file, or both, and then reenabling the .htaccess file still gives me the 500 error.
anything I'm doing wrong here? Somewhere else I should be placing the mod rewrite information?
thanks!
I know this is kind of dead but for those with this issue check your /etc/apache2/mods-enabled to see if rewrite.load is there if not try to copy it from the /etc/apache2/mods-available folder that fixed the issue for me. You will also have to have the .htaccess override enabled for that
is it rules available?
maybe apache is disabled rewrite mod,you can try to enable.
type 'a2enmod rewrite' to turn on.
This is the opposite problem from most about which I have read. I am running Ubuntu 8.04 on an Amazon instance with Apache 2.2.8 and I can't figure out why setting AllowOverride to None for root doesn't stop my .htaccess file from being included.
I have a sub-directory with hello.py in it and an .htaccess file. When I browse to the file, it works fine with modpython serving the file. If I put some garbage in .htaccess I get a server error, so I know the .htaccess file is being used. Also if I delete the .htaccess file, hello.py is no longer server by modpython - instead the browser tries to open it.
In one of my sites-available (linked in sites-enabled), I have "AllowOverride None" for the root directory. I thought that this would prevent .htaccess from being included from root and all its sub-directories which should cause hello.py to not be served by mod_python. However, it continues to be served fine and I can test that .htaccess is still being included because when I modify it, I see the results in my browser.
Maybe there is something I am not understanding about my file in sites-enabled. This is the file I am using:
NameVirtualHost *:8080
<VirtualHost *:8080>
<Directory />
AllowOverride None
</Directory>
</VirtualHost>
Thanks for any help.
The reason the file is not served via mod_python when you delete .htaccess is because the setup for mod_python is located in it. If you move that stuff to your sites-available file, you can delete .htaccess, turn a blind eye to the problem, and call it a day.
If that doesn't satisfy you, then as to why .htacess is being read at all, I can't say. You are correct that AllowOverride None should prevent the file from ever being read. Have you considered the possibility that you screwed something up when adding the virtual site? Try throwing some garbage into the config and see if it complains, just to be sure it's being read at all.
AllowOverride is only allowed in <Directory>-sections, so you've done everything right.
One problem you could have is that other (sub-)<Directory>-sections set AllowOverride to something different than None. That will override the setting for these subdirectories.
I use
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride AuthConfig
Order allow,deny
allow from all
</Directory>
and in /var/www (my docroot) I can use .htaccesses.
The reason why mod_python does not work anymore if you delete your .htaccess is that mod_python setup is usually in .htaccess files.
If you need more information, please send us your configuration.
PS: In fact the docuementation linked above says that you should never set AllowOverride to something not None in <Directory />.