DirectoryIndex in .htaccess giving internal server error - apache

I have two index files and i want both to be there. I wrote DirectoryIndex index.php index.html in my .htaccess file. This is the only line in my .htaccess file and when i opened site browser is giving error 500.

The server probably hasn't set AllowOverride Indexes. If they haven't then DirectoryIndex in an .htaccess file isn't allowed, and you get 500 when you try.
Some options:
See if the web provider will grant AllowOverride Indexes in your URL space.
Ask what values of DirectoryIndex they do allow (maybe index.php, index.cgi, etc.) and use one of those instead.
Use a RewriteRule (if they allow that :| ), for example:
RewriteRule ^$ index.php

Related

.htaccess not working on SSL apache

Trying to fix this .htaccess, so it can work on a SSL apache server. Before it was hosted on another Linux server (http://) and was working without problems, but when uploading the files to another Linux server with apache and SSL (https://), it stopped working. The main function is to hide the .php extension...
HereĀ“s what I was using:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
# To externally redirect /dir/foo.php to /dir/foo
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L,NC]
## To internally redirect /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME}.php -f [NC]
RewriteRule ^ %{REQUEST_URI}.php [L]
Thanks for your help!
So, .htaccess files may not be allowed, and by default on many systems they are not allowed. To see if .htaccess is allowed, make this your .htaccess:
BREAK IT!
That should be the only contents in your .htaccess. Attempt to load any page on your website, and if .htaccess usage is enabled, you would see "Internal Server Error" or possibly some other error, but you would not see your actual page.
If you do see the error, that's actually good and means .htaccess usage is enabled. If you don't see the error, it's likely that you will have to find your Apache .conf file and inside look for the line(s):
AllowOverride None
Change that to:
AllowOverride All
If after doing that you still can't use .htaccess, then there may be other apache related files that have "AllowOverride None". On that comes to mind is your virtual host file, and on my system that is located at /etc/apache2/sites-available/.
If you still have problems, check this out:
https://docs.bolt.cm/3.3/howto/making-sure-htaccess-works
Solution is for the issue, need to change in apache2.conf file after that it will works,
Change this file /etc/apache2/apache2.conf
update it same
OLD:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
New Updated Code:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
I had a similar problem. Apache 2.4.23 with .htaccess error 404 set up.
Using it with HTTP works fine; access it with HTTPS didn't work.
I seted AllowOverride All in the http.conf and error 404 wors well.

How to use DAV and DirectoryIndex in Apache 2.4?

In my apache configuration I have a virtual host configured like this:
Alias /mediamanager /storage/files/mediamanager
<Directory /storage/files/mediamanager>
DirectoryIndex /mediaManagerIndex.php
DAV On
# ... And some authentication directives ... #
</Directory>
The idea is that someone can access the files both by a WebDAV-Client and also a simple web browser in which case some pretty directory view is generated by a PHP script.
That worked great in Apache 2.2, but recently I upgraded to Apache 2.4 and now it is broken. I highly suspect I I suffer from this bug which is already 2 years old and no fix in sight. The proposed workaround to add:
<Limit PROPFIND>
DirectoryIndex never-encounterable-file-name.html
</Limit>
Does not work for me. Probably because I still want to have a directory index. If I remove my DirectoryIndex altogether WebDAV works again (no index.html or similar files exists in this directory) but of course I loose the ability to use my PHP file as directory index. I tried to specify my DirectoryIndex in a <Limit GET> but this had no effect.
Is there any way to get both DAV and DirectoryIndex to work simultaneously in Apache 2.4 on Debian (if anyhow possible without changing the source code and recompiling)?
In order to fix this, disable directory indexing for the WebDAV site.
In your sites-available/site.conf file add DirectoryIndex disabled to the <Directory> declaration, like so:
<Directory /path/to/my/webdav/dir>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
DirectoryIndex disabled
</Directory>
Then just reload Apache and you will no longer have that issue:
sudo service apache2 reload
For me, the following configuration solved both problems:
WebDAV works again
directory indexing, if the user uses a web browser to access the repository
It works by manually implementing the directory-indexing feature with simple rewrite rules, which are applied only for the GET request method.
The following code has to be placed inside the server config or virtual host context in the apache configuration file.
# Turn off (automatic) Directory-Indexing
DirectoryIndex disabled
RewriteEngine On
# Rewrite rules for the root directory
RewriteCond "%{REQUEST_METHOD}" "(GET)"
RewriteRule "^/$" "/index.php" [L]
# Rewrite rules for other sub-directories
RewriteCond "%{REQUEST_METHOD}" "(GET)"
# The following line checks, if the index.php file exists
RewriteCond "%{DOCUMENT_ROOT}/$1/index.php" "-f"
RewriteRule "^/(.*)/$" "/$1/index.php" [L]
Don't forget to reload Apache!
This is the solution I am currently using, located in a .htaccess file at the root of the directory tree used by the WebDav service. In this case I do not use PHP, only html files, but it can be easily adapted:
# Turn off automatic directory indexing
Options -Indexes
DirectoryIndex disabled
# Redirect directory requests to index.html, only for GET requests
RewriteEngine On
RewriteCond %{REQUEST_METHOD} "GET"
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)$ $1index.html [L]
In order to launch always the requested PHP file, just replace "index.html" on the last line by the PHP file name:
RewriteRule ^(.*)$ $1mediaManagerIndex.php [L]

Codeigniter application index.php removed randomly in url on amazon EC2 clound server

I am working on a web application. I am facing a very strange issue while navigating the app on cloud amazon EC2 instance 1 that it randomly choose some links and when I click on those links it is redirecting me to page not found or sometime home page or sometime on login page. Although session still persist.
Previously I have added the .htaccess file to removed the index.php from the urls but after noticing this issue I have revert the changes but my re_write_mode still enabled in apache httpd.conf file and .htaccess file reside on root of the application with commented code.
Apache configuration mentioned below.
DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Not sure why you would be running in that problem from what you posted...here is the .htaccess file I use at the root of all of my CI projects to remove index.php from the URL
RewriteEngine On
# Put your installation directory here:
# If your URL is www.example.com/, use /
# If your URL is www.example.com/site_folder/, use /site_folder/
RewriteBase /
# Do not enable rewriting for files or directories that exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# For reuests that are not actual files or directories,
# Rewrite to index.php/URL
RewriteRule ^(.*)$ index.php/$1 [PT,L]
Nothing looks extremely out of the ordinary regarding your apache config. I would say that it sounds more like a problem with your "routes." Do you have any custom routes setup in your app?
Also, did you change your $config['index_page'] and/or $config['base_url'] in your config file?

.htaccess to block access to files in another directory without <directory>

I'm using the rule below in .htaccess to block bots that hammer my site for the listed .php files, i.e. mydomain.com/join.php:
<FilesMatch "(signup|register|join|timthumb)\.php$">
order allow,deny
deny from all
</FilesMatch>
But how can I also protect the same file names in folders in the tree, i.e. mydomain.com/otherdirectory/join.php?
Those file names in other directories are hit less often than root, but I'd still like throw an forbidden error rather than the site 404 page.
I tried, and since I'm on a shared server, I can't use the <Directory> directive.
You may try this in the .htaccess file in root directory:
Options +FollowSymlinks -MultiViews
RewriteEngine On
# Files to protect in next line
RewriteCond %{REQUEST_URI} (join|file1|file2)\.php [NC]
RewriteRule .+ - [F,NS,L]

Any .htaccess rule results in a 500 error

I have an .htaccess problem on my localhost Apache server. If I put anything in the .htaccess file, I get an Internal Server Error. I'm trying
Options +FollowSymlinks
or
RewriteEngine on
or
RewriteRule (.*)\.htm $1.php
But they all return the same error.
Likely your AllowOverride setting does not include neither Options nor FileInfo.