Url rewrite subfolder to root and forbid accessing subfolder - apache

I have drupal installed in a subfolder drupal, but I want to access pages as it is in root folder: http://www.example.com instead of http://www.example.com/drupal
I'm able to have this working, but it's also working with url containing subfolder, so I have http://www.example.com and a clone site in http://www.example.com/drupal
What is the rule to forbid access to subfolder?
I want all url starting with http://www.example.com/drupal being forbidden.
This is .htaccess in / directory:
Options -Indexes
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
</IfModule>
And this is drupal .htaccess in /drupal/ directory:
Options -Indexes
Options +FollowSymLinks
ErrorDocument 404 index.php
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_initialize_variables() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
RewriteRule "(^|/)\." - [F]
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteBase /drupal
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
#RewriteRule ^ index.php [L]
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header append Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>

It looks like you're rewriting stuff to the /drupal/ directory, so you don't want to completely forbid access, otherwise going to http://www.example.com will be denied because it gets rewritten to /drupal. I'm assuming you want to disable requests that are directed to the drupal directory, so you'd need to add this somewhere:
RewriteCond %{THE_REQUEST} ^([A-Z]{3,9})\ /drupal/
RewriteRule ^drupal - [F,L]
Adding this to the top of the .htaccess (just under RewriteEngine On) in your document root should be sufficient. If not, try adding it to the one in your drupal directory (just under RewriteEngine On).

I solved this adding these two lines after RewriteEngine on in /drupal/.htaccess:
# deny access to url starting with /drupal/
RewriteCond %{THE_REQUEST} ^([A-Z]{3,9})\ /drupal/
RewriteRule .* - [F,L]
Using R=403 avoids problems with drupal "not found" handler: ErrorDocument 404 drupal/index.php

Try to change this in your .htaccess in / directory:
Options -Indexes
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine On
# if access is straight to drupal (= no rewrite rule)
# notify in query string:
RewriteRule (drupal/(.*)) $1?straight=1 [QSA]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
</IfModule>
Add this in your drupal dir .htaccess file just after RewriteEngine On:
RewriteEngine On
RewriteCond %{QUERY_STRING} straight=1
# "not found" 404 :
RewriteRule .* - [R=404,L]
Tell me if it works :)

Related

Forbidden You don't have permission to access this resource error when saving a web page with embedded pdf

Site is zen cart. Trying to add
<embed src="pdf/timetable.pdf" height="1000" width="900"></embed>
to an ezpage.
As soon as I click to update, I get a warning:
Forbidden
You don't have permission to access this resource.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
I checked cPanel logs and it shows
[Mon Nov 25 08:32:31.650242 2019] [access_compat:error] [pid 249998:tid 139962720311040] [client xxx.xxx.xx.xx:xxxxx] AH01797: client denied by server configuration: /home/mysitefolder/public_html/403.shtml, referer: http://example.com/admindir/ezpages.php?page=1&ezID=17&action=new
I checked htaccess, and in root htaccess file it has
# BEGIN CEON URI MAPPING REWRITE RULE
RewriteEngine On
# Don't rewrite any URIs ending with a file extension (ending with .[xxxxx])
RewriteCond %{REQUEST_URI} !\.[a-z]{2,5}$ [NC]
# Don't rewrite any URIs for some, popular specific file format extensions,
# which are not covered by main file extension condition above
RewriteCond %{REQUEST_URI} !\.(mp3|mp4|h264)$ [NC]
# Don't rewrite any URIs for some specific file format extensions,
# which are not covered by main file extension condition above
# Uncomment the following line to apply this condition! (Remove the # at the start of the next line)
#RewriteCond %{REQUEST_URI} !\.(3gp|3g2|h261|h263|mj2|mjp2|mp4v|mpg4|m1v|m2v|m4u|f4v|m4v|3dml)$ [NC]
# Don't rewrite admin directory
RewriteCond %{REQUEST_URI} !^/admindir [NC]
# Don't rewrite editors directory
RewriteCond %{REQUEST_URI} !^/editors/ [NC]
# Don't rewrite logs directory
RewriteCond %{REQUEST_URI} !^/logs/ [NC]
# Don't rewrite js directory
RewriteCond %{REQUEST_URI} !^/js/ [NC]
# Don't rewrite cgi-bin directory
RewriteCond %{REQUEST_URI} !^/cgi\-bin/ [NC]
# Don't rewrite ajax directory
RewriteCond %{REQUEST_URI} !^/ajax/ [NC]
# Don't rewrite kta directory
RewriteCond %{REQUEST_URI} !^/jrq/ [NC]
# Don't rewrite oexport directory
RewriteCond %{REQUEST_URI} !^/oexport/ [NC]
# Don't rewrite min directory
RewriteCond %{REQUEST_URI} !^/min/ [NC]
# Don't rewrite tempEP directory
RewriteCond %{REQUEST_URI} !^/tempEP/ [NC]
# Don't rewrite bmz_cache directory
RewriteCond %{REQUEST_URI} !^/bmz_cache/ [NC]
# Don't rewrite pdf directory
RewriteCond %{REQUEST_URI} !^/pdf/ [NC]
# Don't rewrite htmlincludes directory
RewriteCond %{REQUEST_URI} !^/htmlincludes/ [NC]
# Handle all other URIs using Zen Cart (its index.php)
RewriteRule .* index.php [QSA,L]
## END CEON URI MAPPING REWRITE RULE
Then in the admin directory, there is another htaccess file containing
DirectoryIndex index.php
# deny *everything*
<FilesMatch ".*\..*">
Order Allow,Deny
Deny from all
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(^$|^favicon.ico$|.*\.(php|js|css|jpg|gif|png|pdf)$)">
Order Allow,Deny
Allow from all
</FilesMatch>
IndexIgnore */*
# The following makes adjustments to the SSL protocol for Internet Explorer browsers
<IfModule mod_setenvif.c>
<IfDefine SSL>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfDefine>
</IfModule>
#turn off X-PHP-Originating-Script header when sending emails from admin
#uncomment to activate:
# php_flag mail.add_x_header Off
Can anyone suggest what might be the problem here? Do I need to add something else to an htaccess file, or does my host need to change something in apache config?

htacess force to https protocol

I have a htaccess file that is forcing http:// connections to https:// however if the user happens to come along to my site at http://example.com/some-page instead of redirect to the same url but on https:// it redirects the user to the home page on a https connection why is this?
Below is my .htaccess,
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_environment_initialize() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# Make sure Authorization HTTP header is available to PHP
# even when running as CGI or FastCGI.
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
#
# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
# not possible to block access to entire directories from .htaccess, because
# <DirectoryMatch> is not allowed here.
#
# If you do not have mod_rewrite installed, you should remove these
# directories from your webroot or otherwise protect them from being
# downloaded.
RewriteRule "(^|/)\." - [F]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
# RewriteBase /drupal
#
# If your site is running in a VirtualDocumentRoot at http://example.com/,
# uncomment the following line:
# RewriteBase /
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
# Add headers to all responses.
<IfModule mod_headers.c>
# Disable content sniffing, since it's an attack vector.
Header always set X-Content-Type-Options nosniff
</IfModule>
AddType x-httpd-php7 .php
Modify your HTTP to HTTPS rule:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
to this:
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
or this:
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
This is my go to code. I put right under RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}].
# Force SSL
# Source: https://stackoverflow.com/questions/26620670
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

Magento - Routing

The problem is, I can access my page on
http://domain.com:8080/
But when I try to go to admin
http://domain.com:8080/admin
404 Error
But when I add:
http://domain.com:8080/index.php/admin
It works
I need to set it up working as this
http://domain.com:8080/admin
My virtualHost looks like
<VirtualHost domain.com:8080>
DocumentRoot "C:\xampp\htdocs\magento\magento"
ServerName domain.com
<Directory "C:\xampp\htdocs\magento\magento">
Require all granted
Allow from all
</Directory>
I was already checking in:
File: app/code/core/Mage/Core/Controller/Varien/Router/Standard.php -> _validateControllerClassName
But it doesn't simply go there
Any suggestions?
It should work when you have the standard .htaccess file in your project root. The following configuration should rewrite everything which is not pointing to a real file to the index.php.
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
RewriteBase /
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
But it will only work if you have mode_rewrite enabled.

1&1 web hosting not reading my .htaccess file

It seems that my web host (1&1) is not reading my .htaccess file.
I tried configuring my .htaccess file to prevent file access via the web browser, specifically all files with the following extensions: .txt, .jpg, .jpeg, .pdf, .xlsx, .xls, .doc, .docx, .eps, .gif, .png.
Here is my .htaccess file:
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
Options -Indexes
# 1und1 needed for php extensionless redirect.
Options -MultiViews
<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteBase /relative/web/path/
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+)$ /$index.php [L,QSA]
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*) index.php
RewriteCond %{HTTP:Authorization} !^$
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.ltd [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.ltd.*$ [NC]
RewriteRule \.(gif|jpg|js|txt|php|html|css|js)$ /messageforcurious [L]
</IfModule>
<FilesMatch "\.(txt|jpg|jpeg|pdf|xlsx|xls|doc|docx|eps|gif|png)$">
Deny from all
</FilesMatch>
#php_value register_globals 0
How do I achieve what I want? Any tips?
It seems that the .htaccess file is readable by 1&1, but there is an easier way to block access to all files than what you are doing.
If you truly want to block all people from visiting your website - which is what blocking all files will do - you can make your .htaccess into:
Deny from all
Otherwise, you can do this, which will allow only some files to be accessed (in this case, only .html files):
<FilesMatch "\.html$">
Allow from YOUR_IP_ADDRESS
Deny from all
</FilesMatch>
For more reading, I'd look at this 1&1 overview of their .htaccess file
Note: I am entirely unsure of what your index.php redirects are doing above, since it seems that you want them to go to /messageforcurious. I'd remove those index.php redirects since it seems you don't want them.

htaccess not working in ubuntu

Hello a couple months ago I started a website project, after weeks last night I continued developing it on my windows pc were everything worked fine.
Today I ported it to ubuntu 12.04 lts and after starting up my apache / mysql tried to hit some website urls.(set up with vhost like so: tms.localhost/path...)
The Issue I'm facing and I have no idea why is that the clean urls and the mod_rewrite doesn't seem to work. My custom php redirection - page loading script isn't being called anymore(index.php).
Here is the htaccess that is unchanged since day 1. Need to mention that works only if I just enter the vhost url like so http://tms.localhost/ if i add anything after that I get the default apache 404 page.
#Debugging - Error reporting
php_flag display_startup_errors on
php_flag display_errors on
php_flag html_errors on
#Commpression
<ifmodule mod_deflate.c="">
<filesmatch ".(js|css|html|png|jpg|jpeg|swf|bmp|gif|tiff|ico|eot|svg|ttf|woff|pdf)$"="">
SetOutputFilter DEFLATE
</filesmatch>
</ifmodule>
Options All -Indexes +FollowSymLinks -MultiViews
<IfModule mod_rewrite.c>
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
# remove spaces from start or after /
#RewriteRule ^(.*/|)[\s%20]+(.+)$ $1$2 [L,R=301,NE]
# remove spaces from end or before /
#RewriteRule ^(.+?)[\s%20]+(/.*|)$ $1$2 [L,R=301,NE]
# replace spaces by - in between
#RewriteRule ^([^\s%20]*)(?:\s|%20)+(.*)$ $1+$2 [L,R=301,NE]
# Remove trailing slash
RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [L,R=301]
# Add trailing slash
#RewriteCond %{REQUEST_URI} !(/$|\.)
#RewriteRule (.*) %{REQUEST_URI}/ [L,R=301]
# Remove multiple slashes
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/{2,} [NC]
RewriteRule ^(.*) $1 [R=301,L]
# Clean url rewrite
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !^.*\.(png|jpg|jpeg|bmp|gif|css|js|json)$ [NC]
#RewriteRule ^([^/]+/?.+)$ /index.php?req=$1 [L,QSA]
#RewriteRule ^(.*)$ /index.php?req=$1 [L,QSA]
RewriteRule ^(.*)$ /index.php [L,QSA]
</IfModule>
# Big thnx to anubhava for his regex help - linkedin.com/in/anubhava
UPDATE
The index.php works as a page file loader it doesn't contain any html.
Only the root url works and loads the corresponding php file, hence mod_rewrite is enabled.
htaccess fails to translate the rest of the requests I suppose ?
vhostfile tms.localhost
<VirtualHost *:80>
ServerAdmin webmaster#tms.localhost
DocumentRoot /var/www/tms
ServerName tms.localhost
#ServerAlias www.example.com
</VirtualHost>
modules phpinfo() :
core mod_log_config mod_logio prefork http_core mod_so mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_deflate mod_dir mod_env mod_mime mod_negotiation mod_php5 mod_reqtimeout mod_rewrite mod_setenvif mod_status
Well there was nothing wrong with it.
Apparently either the compression program or google drive (where I kept the project renamed .htaccess to htaccess...