Apache 2.4 .htaccess file doesn't deny access - .htaccess

I tried many times with different methods, but i'm still unable to deny access to folder by .htaccess. Here is what i tried:
RewriteEngine On
<Directory />
Require all denied
</Directory>
Second try:
RewriteEngine On
<RequireAll>
Require all denied
</RequireAll>
Third try:
RewriteEngine On
Require all denied
What am i missing? Thanks
EDIT:
If this will help I'm using windows x64 version of apache. Downloaded here:
http://www.apachelounge.com/download/win64/
LAST EDIT:
The problem is misspeled .htaccess name it was .htacess. Thanks for all of your time.

You should be able to use this in your htaccess file in the directory; your 2nd and 3rd try.
Require all denied
The <directory> directive should be used in your conf file. Also this is not a rewrite so having RewriteEngine will not matter. This is part of mod_authz_core
It maybe ignoring your .htaccess file. Check your conf file and make sure that you have AllowOverride All because in 2.4 the default is None.

Related

mod_rewrite is enabled, .htaccess file is ok, but requests are not going through index.php

I've just installed ubuntu-server_6.04.2_LTS, after the fresh installation I've enabled mod_rewrite, it's showing in phpinfo()
my .htaccess file is OK
but, still requests are not going through index.php
You should check if for that specific directory (root folder of your project), apache is configured to allow overriding through .htaccess.
If you want to allow such override, the directives found in apache.conf or the specific settings for your virtual host should look like this:
<Directory /var/www/>
AllowOverride All
Require all granted
</Directory>

apache2 rewrite rules not working

I am trying to write some rewrite rules in apache2 conf and they are not working
Following is my virtualhost block in apache conf. My os is ubuntu 12.04 server edition
DocumentRoot /var/www/xyz
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/xyz>
Options Indexes FollowSymLinks MultiViews
#AllowOverride None
AllowOverride All
Order allow,deny
#Order deny,allow
allow from all
</Directory>
I have .htaccess file with some rewrite rules as follows
ReWriteEngine on
RewriteRule ^/matchV/(.*) http://host:8080/$1
RewriteRule ^/other/(.*?)$ /httpdcontent/$1
rewrite module is enabled with apache.
Can someone tell me if i am missing anything.
Thanks,
Sandeep
First of all, a dollar sign seems to be missing on the first rewriting rule.
Then, I would recommend the use of [L] in "debug" situation. This way, only one rule would have to be corrected at the time.
If you need to check how the rewriting goes, you need to have a look at your log files /var/log/apache2/error.log and /var/log/apache2/access.log. They will tell you what URL the server tried to process, and how it failed. From this, you should be able to see what is missing, or what is "too much".
From what I see, I would say it has to do with the rewriting base. Your webserver root is probably at /var/www, and the directory for the virtual host is /var/www/xyz. I think you could fix it using something like...
RewriteBase /xyz
Anyway, edit the configurations, and don't stop checking the logs. From there, you'll see what URL/File the server tries to process, and you should be able to correct the paths it uses.

Web server not reading .htaccess file

I have Ubuntu 12.10 with apache2 installed, and my .htaccess file is not working. I have it set up to be able to not have .php file extensions in the links, so it looks like www.website.com/login instead of /login.php, but it says that the URL "/login" is not found on the server. I have read this page and it says something about "AllowOverride All" but I don't know where that is, or if I need to add it, where I would add it.
EDIT: I have found this link and have found what it says, but it says that I have an Internal Server Error on any page I go to. I have changed the to
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
but it says Internal Server Error
EDIT #2: In the error log, it says
/var/www/.htaccess: Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
EDIT #3: Found the answer here: .htaccess: Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
Make sure you have enabled mod_rewrite in your .htaccess.
Also make sure you these lines at the top of your .htaccess:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
i.e. turn the MultiViews options off.
Also see this Q&A for a similar problem and my answer.
You should have or specify Directory-block in your apache configurations. You can find AllowOverride documentation here: http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
And documentation about <Directory> is here: http://httpd.apache.org/docs/2.2/mod/core.html#directory
In short: specify where you would like to allow the settings to be overridden with <Directory /path/to/your/directory> and then use AllowOverride all in that directory block.

Protect ajax files from direct call using htaccess

To prevent my Ajax files from direct acccess I did this:
I put all files in a common directory called "ajax" and put this in an .htaccess file in the same folder. This is my directory structure:
/var/www/html/ajax
<Directory "/var/www/html/ajax">
order allow,deny
Deny from all
Allow from 127.0.0.1
</Directory>
But this produces server error 500. .htaccess use is enabled in my server along with mod-rewrite. Please help.
The Directory directive is not allowed in your .htaccess file. see http://httpd.apache.org/docs/2.0/mod/core.html#directory. However, you can achieve the same result by simply placing the code you have in the .haccess in the /var/www/html/ajax directory, without the Directory directive
order allow,deny
Deny from all
Allow from 127.0.0.1
<Directory> is a directive that's not supported in .htaccess files, it's core and vhost specific.
For an .htaccess file, the directive is superfluous and must be omitted, because the directory is implied by the location of the .htaccess file.
Simply remove <Directory> and its closing "tag" and it should work.

Apache mod_rewrite works in .htaccess but not httpd.conf

I'm experimenting with mod_rewrite for the first time (I'm a web newbie, but trying to learn). I'm trying to get bob.html to redirect to alice.html (read: URL stays the same, page content is alice.html). Both files are in /var/www/. I'm running Ubuntu 10.10 w/Apache 2.2.16.
Here's what works in the .htaccess file placed in the /var/www/ directory:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^bob.html$ alice.html
</IfModule>
This behaves as expected, but it does not work when moved to the httpd.conf file (just learning best practices w/performance and such). I read somewhere that when using mod_rewrite in httpd.conf file, leading slashes are required, so my httpd.conf file looks like:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^/bob.html$ /alice.html
</IfModule>
I also read that /etc/apache2/sites-enabled/000-default needs to have AllowOverride set to All.
<Directory /var/www>
...
AllowOverride All
...
</Directory>
I think that's just for use with .htaccess but I wasn't sure so I just left it in.
With all of these configuration settings, the redirection does not work. I've tested to make sure the file itself is being read (someone suggested httpd.conf isn't used anymore and apache2.conf is used instead) by inserting erroneous code. I've taken a look at a couple other questions/answers but I still cant figure it out.
Edit: It should be noted that I'm using /etc/init.d/apache2 restart after each change to httpd.conf to restart Apache and (hopefully) reload the configuration.
Try wrapping the rewriterules in your httpd.conf file in <Location /></Location> tags. The seems to alter the behavior making it more similar to the .htaccess file.

Resources