Can't change Apache web root directory on Ubuntu.
file exists in sites-enabled folder
I changed /etc/apache2/sites-enabled/mynewsite.conf file document root
<Directory /media/saptarshi/BAAA7114AA70CDFF/webdev>
Options Indexes FollowSymLinks
Allow from all
AllowOverride None
Require all granted
</Directory>
and, also I changed /etc/apache2/apache2.conf file document root
<Directory /media/saptarshi/BAAA7114AA70CDFF/webdev>
Options Indexes FollowSymLinks
AllowOverride None
Allow from all
Require all granted
</Directory>
After changing those I restart the apache then it not worked. Shows
403 error. Forbidden
You don't have permission to access this resource. Apache/2.4.41 (Ubuntu) Server at localhost Port 80
But magically when I change the path within the home directory(/home/saptarshi/test) then it work. So , Is it possible to change apache root directory outside the home folder in ubuntu?
Two things I would like to mention. Firstly, because of something isn't working, don't write the same configurations into multiple apache config files. It will create more problems rather than solving one. Secondly, you should always edit the respective site config file in the /etc/apache2/sites-available/ directory rather than editing the file in the /etc/apache2/sites-enabled/ directory. It's a symlink, so, it's always better to edit the main file and reload the config.
Now your problem might or might not be related to directory path only. It might be a user permission related problem as well. Could you please attach the entire apache2.conf file and the mynewsite.conf file? Also, what's the host you're trying to access it with?
I'd like to understand this behaviour which does not make sense to me.
apache2.conf has the default configuration at the bottom.
As you can see, it has "Require all denied" for / and "Require all granted" for /var/www/
I have a website under /var/www/HM/
After using URL rewriting, Apache is asked to send the result of for example /var/www/HM/subdir/
Instead of correctly returning the content of index.php located in subdir, it denies access. I found out that the / "Require all denied" config in apache2.conf is to blame, but this does not make sense to me especially as "Require all granted" is given to /var/www/
I have managed to set "Require all granted" for /var/www/HM/ and it seems to work then. But still I'd like to understand why the / directive in apache2.conf applies to everything below and that the /var/www/ directive does not!
Also if the directive for /var/www/ does not apply to sub-directories, I wonder if my directive for /var/www/HM/ will apply to its own sub-directories...
Thanks for your help!
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride All
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride All
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
The documentation states that the Directory directive includes sub-directories:
Enclose a group of directives that apply only to the named file-system
directory, sub-directories, and their contents.
I skimmed a bit through the apache-httpd code and couldn't find any special handling of the root directory or any other directory. (okay okay, root is special: it's always first in the directory list)
Also: experience tells me that you probably had another Directory directive in another config file that messed up the directory permissions, or a .htaccess in the subdirectory with Deny from all specified.
I want to set the AllowOverride all But I don't know how to do it. I have found the following code by searching the google and pasted it in .htaccess:
<Directory>
AllowOverride All
</Directory>
But after pasting it I started receiving "Internal Server Error"
Can anyone guide me where to put this code or how to do it?
In case you are on Ubuntu, edit the file /etc/apache2/apache2.conf (here we have an example of /var/www):
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
and change it to;
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
then,
sudo service apache2 restart
You may need to also do sudo a2enmod rewrite to enable module rewrite.
The main goal of AllowOverride is for the manager of main configuration files of apache (the one found in /etc/apache2/ mainly) to decide which part of the configuration may be dynamically altered on a per-path basis by applications.
If you are not the administrator of the server, you depend on the AllowOverride Level that theses admins allows for you. So that they can prevent you to alter some important security settings;
If you are the master apache configuration manager you should always use AllowOverride None and transfer all google_based example you find, based on .htaccess files to Directory sections on the main configuration files. As a .htaccess content for a .htaccess file in /my/path/to/a/directory is the same as a <Directory /my/path/to/a/directory> instruction, except that the .htaccess dynamic per-HTTP-request configuration alteration is something slowing down your web server. Always prefer a static configuration without .htaccess checks (and you will also avoid security attacks by .htaccess alterations).
By the way in your example you use <Directory> and this will always be wrong, Directory instructions are always containing a path, like <Directory /> or <Directory C:> or <Directory /my/path/to/a/directory>. And of course this cannot be put in a .htaccess as a .htaccess is like a Directory instruction but in a file present in this directory. Of course you cannot alter AllowOverride in a .htaccess as this instruction is managing the security level of .htaccess files.
Goto your_severpath/apache_ver/conf/
Open the file httpd.conf in Notepad.
Find this line:
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
Remove the hash symbol:
LoadModule vhost_alias_module modules/mod_vhost_alias.so
Then goto <Directory />
and change to:
<Directory />
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Then restart your local server.
On Linux, in order to relax access to the document root, you should edit the following file:
/etc/httpd/conf/httpd.conf
And depending on what directory level you want to relax access to, you have to change the directive
AllowOverride None
to
AllowOverride All
So, assuming you want to allow access to files on the /var/www/html directory, you should change the following lines from:
<Directory "/var/www/html">
AllowOverride None
</Directory>
to
<Directory "/var/www/html">
AllowOverride All
</Directory>
If you are using Linux you may edit the code in the directory of
/etc/httpd/conf/httpd.conf
now, here find the code line kinda like
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
Change the AllowOveride None to AllowOveride All
Now now you can set any kind of rule in your .httacess file inside your directories
if any other operating system just try to find the file of httpd.conf and edit it.
As other users explained here about the usage of allowoveride directive, which is used to give permission to .htaccess usage. one thing I want to point out that never use allowoverride all if other users have access to write .htaccess instead use allowoveride as to permit certain modules.
Such as AllowOverride AuthConfig mod_rewrite Instead of
AllowOverride All
Because module like mod_mime can render your server side files as plain text.
enter code hereif you are using linux you have to edit the
`/etc/apache2/sites-available/000-default.conf`
under the Documentroot . add the following code
`<Directory /var/www/>
AllowOverride all
Require all granted
</Directory>`
then ,
`sudo service apache2 restart`
and you have to enable the apache mod rewrite
`sudo a2enmod rewrite`
I think you want to set it in your httpd.conf file instead of the .htaccess file.
I am not sure what OS you use, but this link for Ubuntu might give you some pointers on what to do.
https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles
I also meet this problem, and I found the solution as 2 step below:
1. In sites-enabled folder of apache2, you edit in Directory element by set "AllowOverride all" (should be "all" not "none")
2. In kohana project in www folder, rename "example.htaccess" to ".htaccess"
I did it on ubuntu. Hope that it will help you.
There are several answers but there a number of things wrong with this question and I would like to address these:
If you get an error (e.g. 500), look in the log files (if you have access to them). e.g. /var/log/apache2/ssl_error.log
e.g.
cat /var/log/apache2/ssl_error.log
[Tue Jun 01 19:05:34 2021] [alert] [pid 31154] config.c(2119):
[client *******] /var/www/mysite/public/tmp/.htaccess:
<Directory not allowed here [lid YLZo3quRlv2EKOAABVoFLwAAAIM]
Putting AllowOverrides in a .htaccess makes no sense and is not allowed. See Context. See also my explanation below. It should be defined in the Apache configuration (e.g. /etc/apache2)
Allowing everything is usually not the best idea. Be as restrictive as possible!
the Directory directive is missing a directory, should be e.g. <Directory /var/www/html/etc>
the Directory directive does not make sense in an .htaccess. The location of the .htaccess in a directory already has the effect of making the statements within apply to a specific directory
do not mix and match snippets that are intended to be put in the Apache configuration (e.g. in /etc/apache2/...) with statements that are intended to be put in .htaccess - though most of the time, they will be identical, there are some subtle differences
If you have the possibility to modify the Apache configuration directly, do not use .htaccess and deactivate it. (for performance reasons, among others. Also you can have all configuration in one place, put it in version control or manage it via a software configuration management tool, e.g. Puppet, Ansible, SaltStack)
Unless you really cannot access and modify the Apache configuration directly, you do not need .htaccess. This is a common misconception.
That you saw a 500 error proves my point. If you change configuration in the Apache configuration directly (and not in .htaccess), you will usually get an error message with an explanation and information about the error and the line number (e.g. when you do service apache2 reload or apachectl configtest) - which gives you the possibility to fix the error before applying this in production(!).
Also, look in the documentation. It is really quite good. For most directives, you can find where they apply (see "Context").
For example, for IfModule, you can see:
Context: server config, virtual host, directory, .htaccess
For, AllowOverrides it is:
Context: directory
Note the missing .htaccess in the Context!
Instead of googling for information which repeat the same mistakes over and over, look in the documentation!
Docs
AllowOverrides
https://www.danielmorell.com/guides/htaccess-seo/basics/dont-use-htaccess-unless-you-must
SuSE Linux Enterprise Server
Make sure you are editing the right file
https://www.suse.com/documentation/sles11/book_sle_admin/data/sec_apache2_configuration.html
httpd.conf
The main Apache server configuration file. Avoid changing this file. It primarily contains include statements and global settings. Overwrite global settings in the pertinent configuration files listed here. Change host-specific settings (such as document root) in your virtual host configuration.
In such case vhosts.d/*.conf must be edited
Plus those upvoted correct answers sometimes same error could be seen because of mismatched and different settings on SSL part of webserver configurations. (Obviously when not using .htaccess file).
I wish to set up an apache server running php. I want all the files in a particular folder (say /site/ ) to be accessible from www.example.com/ . However I wish the files in /site/data/ to be not visible through www.example.com/data/ . I want www.example.com/fun.php script to be able to read/write to /site/data/ . What is the best way to do this through premissions and the apache defalt file?
You need to set up your directory structure slightly differently to what you have proposed. Rather run your site under a directory like:
/site/html
and store your data under a directory like:
/site/data
configuring Apache to only serve files from /site/html and not /site/data
or if you are using a more traditional apache directory structure then put the files you want publicly accessible through the web server in:
/var/www/html
and the private data files you only want your application to have access to in something like:
/var/www/data
Your Apache conf file will then contain something like:
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
This way the files in /var/www/data will not be publicly accessible but these files can still be accessed by php scripts in /var/www/html/
Disable Apache directory listings by putting this in your .htaccess file under /site/data
Options -Indexes
I have a folder with a lot of .php files. I would like to deny access to them (using .htaccess). I know an option is to move this folder outside public_html, but this is not possible in this situation.
Is is possible to block access to a whole folder?
Add this to the .htaccess file:
order deny,allow
deny from all
Apache 2.4 now uses a different way to do this so the method that works for Apache 2.2 will not work. See below for the method that will work for Apache 2.4. Place this in your Apache .htaccess file or better yet in a <Directory> directive in the Apache .conf file for your site.
Using .htaccess:
If using Apache 2.2:
order deny,allow
deny from all
If using Apache 2.4 use:
Require all denied
Using Apache Configuration files:
Instead of using a .htaccess file, it is usually preferred to place the configuration directly in your Apache .conf file as follows:
<Directory "/var/www/mysite">
Require all denied
</Directory>
Or if using a virtual host:
<VirtualHost *:80>
### Other configuration here ###
<Directory "/var/www/mysite">
Require all denied
</Directory>
### Other configuration here ###
</VirtualHost>
Of course the above configurations are examples, and you will need to adjust according to your requirements.
Create .htaccess file inside the desired folder with the following contents:
Deny from all
Edit apache2.conf or httpd.conf, whatever you find in Apache2 directory (probably located in /etc/apache2). You'll need to edit/check the following:
AllowOverride ALL (in the related <Directory> tag)
AccessFileName .htaccess
Edit your site's configuration file only in case you have a <Directory> tag specified inside it and add the following line:
AllowOverride ALL
Restart your Apache2 server
service apache2 restart
The above steps are all meant for Linux environments. The same instructions would work well for Windows environments except for the paths and the server restart command.
Reference: http://www.cyberciti.biz/faq/apache-htaccess/
Just add a .htaccess file with the code Deny from all to the folder.
More info at http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html