Turning RewriteEngine on creates 403 error--how to turn on FollowSymLinks? - apache

I am working with the built-in Apache2 on OSX. I moved the document root to a folder on my desktop and made sure that _www and everyone have read access. It works fine and great, PHP works, everything works until I add a .htaccess with this line only:
RewriteEngine on
As soon as I do that, everything in the directory with the file is 403 Forbidden:
Forbidden
You don't have permission to access /dir/file.txt on this server.
Apache logs show this error:
[error] [client 127.0.0.1] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /Users/uname/Desktop/localhost/dir/filename.txt
I've gone through httpd.conf and made sure that I've enabled FollowSymLinks to no avail:
DocumentRoot "/Users/uname/Desktop/localhost"
<Directory />
Options FollowSymLinks
Options SymLinksIfOwnerMatch
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "/Users/uname/Desktop/localhost">
Options FollowSymLinks
Options SymLinksIfOwnerMatch
Options Indexes MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
If I comment out RewriteEngine on in the .htaccess file, then everything works fine, except rewrite rules, obviously. On OSX 10.8.5, httpd.conf is located in /etc/apache2 which also has the folder users containing individual files for uses, e.g. uname.conf, but I've added symlinks in here same as in the other. I noticed there's also a folder extra with files like httpd-userdir.conf, but they don't seem to disable anything.
Where else can FollowSymLinks be turned on (or off)?

You have to either put your Options on one line, or add a + sign in front of your Options so Apache understands you want merge them. At the moment only the last Options directive ('Options Indexes MultiViews') is being applied since it is overwriting all the prior Options.
Try this (which will overwrite the '/' Options):
<Directory "/Users/uname/Desktop/localhost">
Options Indexes MultiViews FollowSymLinks SymLinksIfOwnerMatch
AllowOverride All
Order allow,deny
Allow from all
</Directory>

I had an issue with getting a 403 the solution for me was changing my rewrite rules. My complete directives are as follows:
<Directory "/var/www/">
<LimitExcept GET POST HEAD>
Order Allow,Deny
Deny from all
Satisfy all
</LimitExcept>
Require all granted
AllowOverride None
# Disable includes and cgi
Options -Includes
Options -ExecCGI
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirdect to HTTPS
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule ^(.*)$ - [F,L]
# Put your installation directory here:
RewriteBase /
# Do not enable rewriting for files or directories that exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# remove index.php
RewriteRule ^(.*)$ /index.php/$1 [L]
# If your host requires forcing query strings.
# Notice the question at the end of index.php
# on the last rule
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule ^(.*)$ /index.php?/$1 [L]
</IfModule>
</Directory>
ServerName www.example.com
ServerAlias www.example.com

Related

Enable .htaccess file in OS-X Mavericks

I have my website code at /Library/WebServer/Documents/edu and I'm using the following .htaccess file:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*) /index.html [NC,L]
which I've put under /Library/WebServer/Documents/edu, but apache server seems to be ignoring this file and whatever changes I'm doing here are not taking effect.
Do I need to do some additional changes ?
By default Apache has .htaccess disabled, so you would have to enable it.
Go to and edit /etc/apache2/httpd.conf
You will find a section that looks like this:
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
You have to change AllowOverride None to AllowOverride All and then find the section right after which should start with: <Directory "/Library/WebServer/Documents"> and you'll have to change the same thing there to AllowOverride All
The answer is obsolete post Apache 2.4
The right way is:
DocumentRoot "/Library/WebServer/Documents"
<Directory "/Library/WebServer/Documents">
AllowOverride all
Allow from all
</Directory>

How to redirect index.php to / using 301 redirect on apache2 Webserver

I am trying to redirect the index.php to /, at the Document root: /var/www/ by configuring the /etc/apache2/sites-enabled/000-default file.
Using Ubuntu 14.04 Server with apache2.
These are the contents of the Directory directive at /etc/apache2/sites-available/000-default:
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
This is what I've tried from another question here:
<Directory "/var/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
RewriteCond %{THE_REQUEST} ^/index.php$
RewriteRule $(.*)^ / [R=301,L]
</Directory>
I've even tried this RewriteRule ^(.*)index\.(php|html?)$ /$1 [R=301,NC,L], and also RedirectMatch 301 ^/index.php$ http://www.example.com (this time I removed, the RewriteCond).
What happens
I can normally access my site from /, but when I add /index.php I get redirected to wwww.mydomain.com (notice the 4 ws).
What am I doing wrong?

Laravel Routes not working, Apache configuration only allows for public/index.php/route

Example:
Route::get('/get', function() {
return 'get';
});
To view the route above, I must navigate to public/index.php/get.
I've viewed quite a few SO posts and googled around trying different things and it hasn't made a difference (yes I restart apache every time).
Here is my .htaccess in the public directory:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
</IfModule>
# For all files not found in the file system, reroute the request to the
# "index.php" front controller, keeping the query string intact
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>
What could be causing this still? I'm running Ubuntu.
Two most common causes of this behavior are:
mod_rewrite not enabled
sudo a2enmod rewrite && sudo service apache2 restart
AllowOverride is set to None, set it to All, assuming Apache2.4
sudo nano /etc/apache2/apache2.conf
search for <Directory /var/www/> and change AllowOverride None to AllowOverride All, then save the file and restart apache
Do you have mod_rewrite installed and enabled on apache? Try to remove the if lines ( and ) and see if it throws an error when you try to load the website. If it does, run sudo a2enmod rewrite and restart apache.
This is the .htaccess I have on my public/ directory:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
In the Apache Configuration file may be located at /etc/httpd/conf/httpd.conf (location and names varies on server), provide AllowOverride permission for .htaccess file by updating the directory as follows:
<Directory "/var/www/laravel-sample-project/public">
AllowOverride All
</Directory>
This may solve your problem on laravel routes.
Also ensure that you're providing access "AllowOverride All" limited to directories, such as mentioned above and limited to the directory /var/www/laravel-sample-project/public (mentioned here is the root directory for my project which may varies for you)
Changing AllowOverride None to AllowOverride All and sudo a2enmod rewrite && sudo /etc/init.d/apache2 reload did help.
I know it's an old question, but for people coming from search engines:
Although the apache site config I had enabled (/etc/apache2/sites-enabled/sitename.conf) had AllowOverride All
But for some reason the /etc/apache2/apache2.conf file had AllowOverride None for /var/www/ directory.
Solution:
Run nano /etc/apache2/apache2.conf
Find Directory /var/www/ (on mac you can ctrl+w, paste the text and hit enter)
Inside it, change AllowOverride None to AllowOverride All
So, this
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
becomes this:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
If you do not use a .htaccess file, you need to specify the directory for your redirections:
<IfModule mod_rewrite.c>
RewriteEngine On
<Directory /home/vitela/laravel/public>
RewriteBase /public
RewriteRule ^(.*)/$ /$1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php [L,QSA]
</Directory>
</IfModule>
In MacOs. The Main problem of .htaccess not working is there is not mod_rewrite.so enabled in httpd.conf file of apache configuration.
i have solved this by uncomment the line :
LoadModule rewrite_module libexec/apache2/mod_rewrite.so
Remove the # from above line httpdf.conf. Then it will works. enjoy!

Apache2, php5-fpm - file extension not required

I've set up a server using PHP5-FPM (using PHP 5.3.27) and apache2.
There is an api.php file in the doc root, and using mod_rewrite i've got this rule in .htaccess:
RewriteEngine on
RewriteRule ^api/rest api.php?type=rest [QSA,L]
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]
So what i want is for everything except exact file matches to be passed to index.php
What is happening, however, is when i go to /api/ the api.php is being loaded, instead of the request being forwarded to the index.php
I've gone through the documentation, googled thoroughly (unless i'm not using the right keywords), and checked out both the apache and php configuration. This doesn't happen on our live server or our development servers that use a conbination of nginx and php5-fpm or apache and mod_php5
My Apache config for the vhost is:
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName admin.localhost
ServerAlias *.localhost
<Directory "/var/www/html">
Options FollowSymLinks MultiViews ExecCGI
AllowOverride All
Order deny,allow
Allow from all
</Directory>
# Wire up Apache to use Travis CI's php-fpm.
<IfModule mod_fastcgi.c>
AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:9000 -pass-header Authorization
</IfModule>
</VirtualHost>
EDIT
I've investigated further:
If i remove api.php - the rewrite works
If i remove the RewriteCond %{REQUEST_FILENAME} !-f - the rewrite works
Any .php file they get loaded without the extension - not non-php files only work with the extension.
Try replacing:
Options FollowSymLinks MultiViews ExecCGI
By:
Options FollowSymLinks -MultiViews ExecCGI
The MultiViews keyword comes from mod_negociation and can have a lot of side-effects. One of theses effect is that it can scan for known extensions, when you request 'api' it can scan for api.php' or 'api.html' files and redirect internally the requests on theses files.
From http://httpd.apache.org/docs/2.2/content-negotiation.html#multiviews :
The effect of MultiViews is as follows: if the server receives a
request for /some/dir/foo, if /some/dir has MultiViews enabled, and
/some/dir/foo does not exist, then the server reads the directory
looking for files named foo.*, and effectively fakes up a type map
which names all those files, assigning them the same media types and
content-encodings it would have if the client had asked for one of
them by name. It then chooses the best match to the client's
requirements.
To me this seems like a big hole, some considers it a feature.

Will apache RewriteRule overridden by definition in different .htaccess file?

I mean totally different .htaccess file in different directories like c:\dir1.htaccess and c:\dir2.htacesss.
Basically I defined several virtual host in httpd using Alias like below:
Alias /cake "E:\Project\Php\framework\cakephp-cakephp-6864406"
AllowOverride All
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
Alias /code "E:\Project\Php\framework\CodeIgniter_2.1.0"
AllowOverride All
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
And each directory has a .htaccess file with below rules:
RewriteBase /cake
RewriteEngine on
RewriteRule (.*) index.php/$1 [L]
and
RewriteBase /code
RewriteEngine on
RewriteRule (.*) index.php/$1 [L]
but if I access http://localhost/code/anything, the request is always captured by cake project.
Am I using it incorrectly? Many thanks!