This is an apache question.
I set a header in my config files with RequestHeader. (local apache install)
I can see that works as per the output of a custom php script to dump headers: the header is there.
However a rule based on that header being present is not fulfilled in .htaccess.
The same .htaccess file works as expected on another server.
My added request header doesn't seem to be visible in .htaccess.
Any idea?
Apache conf:
RequestHeader set X-Forwarded-Proto "https"
.htaccess:
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
That loops forever. But it works perfectly on a config behind an AWS load-balancer.
Thanks for helping agent420.
I finally found the solution... It takes either a clear understanding of Apache processing rules or some luck (latter in my case).
The working directive is:
RequestHeader set X-Forwarded-Proto "https" early
High, unsubtle, massive emphasis on the word 'early'.
That's all it took...
Hope that comes of some use to others.
Teebo
Do other rules in .htaccess work on this server? Because if they do not then it may be due to a configuration in Apache Config file (httpd.conf or apache2.conf depending on your distro)
Edit this file. Look for your website's directory...something like:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Change None toAll for the AllowOverride option. Restart the Apache service.
AllowOverride directive is used to allow the use of .htaccess within the web server to allow overriding of the Apache config on a per directory basis.
See this doc for details
Related
I'm trying to setup Apache to rewrite particular file names when requested under a virtual host. The goal is to change certain branding elements based on the host header used (all of which have virtual host configs).
I had this working in nginx as per the example below
if ($host = "test.example.com") {
rewrite ^/images/file1.png$ /images/otherfile1.png;
rewrite ^/images/file2.png$ /images/differentfile2.png;
break;
}
For Apache I used the following config in the virtual hosts file, and confirmed the module is running, but it does not seem work (the original file1 is used).
<Directory "/opt/site/html/">
AllowOverride All
Options FollowSymLinks MultiViews
Require all granted
RewriteEngine On
RewriteBase /
RewriteRule ^/images/file1.png$ /images/otherfile1.png
RewriteRule ^/images/file2.png$ /images/differnetfile2.png
</Directory>
Any advice on what I'm missing to enable this rewrite would be greatly appreciated.
RewriteRule ^/images/file1.png$ /images/otherfile1.png
RewriteRule ^/images/file2.png$ /images/differnetfile2.png
These directives are inside a <Directory> container (inside a <VirtualHost>). In a directory context (as with .htaccess), the URL-path matched by the RewriteRule pattern does not start with a slash. So the above rules will not match. The directives should be like this instead:
RewriteRule ^images/file1\.png$ /images/otherfile1.png [L]
RewriteRule ^images/file2\.png$ /images/differnetfile2.png [L]
NB: Don't forget to backslash-escape literal dots in the regex and you should use the L flag here to stop further processing by the rewrite engine.
Alternatively, you can move these rules out of the <Directory> wrapper and into the <VirtualHost> container directly. In this context, the rules match against the full root-relative URL-path, starting with a slash (as you have written). But in a virtualhost context, the RewriteBase directive is not permitted so must be removed (you are not making use of this anyway).
Aside:
AllowOverride All
Options FollowSymLinks MultiViews
You are allowing .htaccess overrides (first directive). Note that if you do have an .htaccess file with mod_rewrite directives (RewriteRule etc.) then these will completely override the directives in the corresponding <Directory> container in the server config. You may want to explicitly disable .htaccess overrides, for example:
AllowOverride None
You've also enabled MultiViews - is that intentional? This basically enables extensionless URLs out-of-the-box (on everything) and can potentially conflict with mod_rewrite, so generally, this should be disabled. Simply remove it from the above rule to disable this, for example:
Options FollowSymLinks
RewriteBase /
You're not actually using this in the directives you've posted.
I got a basic problem that I can't resolve.
I set up a LAMP server on a Debian 10 machine which run into a Docker container.
PHP and the services Apache and MySQL are functionnal, but I got a problem with the URL rewriting.
It don't run, even on the basic entry point of my web server which is : "http://localhost/"
If I use the real adress, It work, but if I brink a "virtual" adress like "http://localhost/toto" for exemple, I got a 404 error from Apache.
Here is the content of my .htaccess file that I put on the root of my base directory "/var/www/html" :
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !/index.php$
RewriteCond %{REQUEST_URI} !(.css|.js|.jpg|.jpeg|.png|.svg|.ttf|.woff|.woff2|.pdf|.zip|.mp4|.avi|.ogg)$
RewriteRule .* /index.php
In the configuration file of my default website (/etc/apache2/sites-available/000-default.conf), I've the directive "DocumentRoot /var/www/html".
If I do a phpinfo(), I see the "mod_rewrite" in the loaded_module.
Is anybody know how can I solve it ?
Mickaël
Finally..., It's OK !
My .htacess file was just ignored by Apache, because the AllowOverride statement was set to "None" by default in my "apache2.conf".
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
I changed it by "AllowOverride All", I restarded Apache and I could valid that the rewriting work fine.
Trying to fix this .htaccess, so it can work on a SSL apache server. Before it was hosted on another Linux server (http://) and was working without problems, but when uploading the files to another Linux server with apache and SSL (https://), it stopped working. The main function is to hide the .php extension...
Here´s what I was using:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
# To externally redirect /dir/foo.php to /dir/foo
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L,NC]
## To internally redirect /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME}.php -f [NC]
RewriteRule ^ %{REQUEST_URI}.php [L]
Thanks for your help!
So, .htaccess files may not be allowed, and by default on many systems they are not allowed. To see if .htaccess is allowed, make this your .htaccess:
BREAK IT!
That should be the only contents in your .htaccess. Attempt to load any page on your website, and if .htaccess usage is enabled, you would see "Internal Server Error" or possibly some other error, but you would not see your actual page.
If you do see the error, that's actually good and means .htaccess usage is enabled. If you don't see the error, it's likely that you will have to find your Apache .conf file and inside look for the line(s):
AllowOverride None
Change that to:
AllowOverride All
If after doing that you still can't use .htaccess, then there may be other apache related files that have "AllowOverride None". On that comes to mind is your virtual host file, and on my system that is located at /etc/apache2/sites-available/.
If you still have problems, check this out:
https://docs.bolt.cm/3.3/howto/making-sure-htaccess-works
Solution is for the issue, need to change in apache2.conf file after that it will works,
Change this file /etc/apache2/apache2.conf
update it same
OLD:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
New Updated Code:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
I had a similar problem. Apache 2.4.23 with .htaccess error 404 set up.
Using it with HTTP works fine; access it with HTTPS didn't work.
I seted AllowOverride All in the http.conf and error 404 wors well.
In my apache configuration I have a virtual host configured like this:
Alias /mediamanager /storage/files/mediamanager
<Directory /storage/files/mediamanager>
DirectoryIndex /mediaManagerIndex.php
DAV On
# ... And some authentication directives ... #
</Directory>
The idea is that someone can access the files both by a WebDAV-Client and also a simple web browser in which case some pretty directory view is generated by a PHP script.
That worked great in Apache 2.2, but recently I upgraded to Apache 2.4 and now it is broken. I highly suspect I I suffer from this bug which is already 2 years old and no fix in sight. The proposed workaround to add:
<Limit PROPFIND>
DirectoryIndex never-encounterable-file-name.html
</Limit>
Does not work for me. Probably because I still want to have a directory index. If I remove my DirectoryIndex altogether WebDAV works again (no index.html or similar files exists in this directory) but of course I loose the ability to use my PHP file as directory index. I tried to specify my DirectoryIndex in a <Limit GET> but this had no effect.
Is there any way to get both DAV and DirectoryIndex to work simultaneously in Apache 2.4 on Debian (if anyhow possible without changing the source code and recompiling)?
In order to fix this, disable directory indexing for the WebDAV site.
In your sites-available/site.conf file add DirectoryIndex disabled to the <Directory> declaration, like so:
<Directory /path/to/my/webdav/dir>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
DirectoryIndex disabled
</Directory>
Then just reload Apache and you will no longer have that issue:
sudo service apache2 reload
For me, the following configuration solved both problems:
WebDAV works again
directory indexing, if the user uses a web browser to access the repository
It works by manually implementing the directory-indexing feature with simple rewrite rules, which are applied only for the GET request method.
The following code has to be placed inside the server config or virtual host context in the apache configuration file.
# Turn off (automatic) Directory-Indexing
DirectoryIndex disabled
RewriteEngine On
# Rewrite rules for the root directory
RewriteCond "%{REQUEST_METHOD}" "(GET)"
RewriteRule "^/$" "/index.php" [L]
# Rewrite rules for other sub-directories
RewriteCond "%{REQUEST_METHOD}" "(GET)"
# The following line checks, if the index.php file exists
RewriteCond "%{DOCUMENT_ROOT}/$1/index.php" "-f"
RewriteRule "^/(.*)/$" "/$1/index.php" [L]
Don't forget to reload Apache!
This is the solution I am currently using, located in a .htaccess file at the root of the directory tree used by the WebDav service. In this case I do not use PHP, only html files, but it can be easily adapted:
# Turn off automatic directory indexing
Options -Indexes
DirectoryIndex disabled
# Redirect directory requests to index.html, only for GET requests
RewriteEngine On
RewriteCond %{REQUEST_METHOD} "GET"
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ $1index.html [L]
In order to launch always the requested PHP file, just replace "index.html" on the last line by the PHP file name:
RewriteRule ^(.*)$ $1mediaManagerIndex.php [L]
I am using the following directives to configure my VirtualHost in Plesk:
[vhost.conf]
ServerName www.mydomain.com
DocumentRoot /var/www/vhosts/mydomain.com/httpdocs
RewriteEngine on
RewriteCond %{SCRIPT_FILENAME} !^.+\.(css)
RewriteCond %{REQUEST_URI} !^.+js
RewriteRule ^(.+)$ /index.php/$1/
<Directory /var/www/vhosts/mydomain.com/httpdocs>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
php_admin_flag safe_mode Off
</Directory>
This worked fine in every case, until i added an SSL certificate and accessed the server through https. Now the rewrites were no longer working, when calling the site through SSL.
So i figured that the configuration loaded for the other protocol (https) must differ from the one that is loaded in the case of http.
I then found out that Plesk uses two separate config files for both protocols. I copied vhost.conf to vhost_ssl.conf. Now the site loaded fine over https and the rewrites were working fine.
But now the rewrites were no longer working when accessing the site through http.
Seems like the cat is biting its tail, i am running in circles and out of options.
Unfortunately i lack the experience in configuring apache. I do assume that somehow my two sets of rules are causing a problem, but after all they are included into two different <VirtualHost> directives.
Perhaps someone knows what is going on here and how to fix it?
I can't tell you how to fix it but I can tell you how to start.
Look carefully at the access and error logs. Read about this here: https://httpd.apache.org/docs/2.2/logs.html
There are a bunch of tools to help you with this debugging described there and in linked pages.