Is there a way to tell Apache to ignore other .htaccess files under current directory?
For example:
/web/.htaccess [this is parsed, I would like to define the rule here]
/web/uploads/.htaccess [this should be ignored]
In your main apache config, add the directive AllowOverride None.
This will prevent it from looking at .htaccess files.
For more info, see http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
Related
I want to prevent directory file listing in all of my folders, so when a user types http://example.com/thisDoesNotExists/, the directory file listing do not show up.
According to a tutorial all I have to do is set IndexIgnore *
I try to set it in the httpd.conf, so I do
<IfModule mod_autoindex>
IndexIgnore *
</IfModule>
at the bottom of the httpd.conf.
It does not work. I get my 404errorPage.html without any styles.
How can I fix this? Thanks.
Disclaimer : I try to set this in httpd.conf and not htaccess because "You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance." According to this.
Your <IfModule> argument is wrong so the enclosing directive is never evaluated. The argument either needs to be the modules name (you can see
this in the corresponding LoadModule) or the main source filename.
Both "autoindex_module" and "mod_autoindex.c" work.
Here is another way to do it:
You should edit /etc/httpd/conf/httpd.conf, find the code block with
<Directory "/var/www/html">
Options Index FollowSymLinks
</Directory>
You should remove the Index in there then restart your httpd service by
sudo service httpd restart
Given the directory www/html/file.php would it be it be appropriate to place my .htaccess alongside with file.php?
That way making rules for file.php (demo example below)
~Rule~ file.php ...
file.php would be located.
No. It depends on the setting of AllowOverride for specific directories - however, in most configurations AllowOverride is enabled for the document root.
See http://httpd.apache.org/docs/current/de/howto/htaccess.html#page-header
According to that documentation, you should put any rules into the global configuration file instead of .htaccess files if possible. if you can't access the global configuration file, you should put the .htaccess file into the folder it applies to.
I have been trying to use the 'auto-prepend-file' value to set a PHP script to be ran before every page from that directory. Currently, I'm destroying and creating a session, then setting a session variable.
But if I try to access session variables from a page, there is no value in them.
Can this value be prevented from being set in a .htaccess file?
Will the prepended script be ran when called for non-php pages aswell?
Can this value be prevented from being set in a .htaccess file?
It is possible to disable session cookies with a .htaccess file, but I doubt that's the real problem in your case. Are you sure the file is actually getting prepended at all? Try a more direct test, like adding die('The prepended file was executed.') to the file.
Will the prepended script be ran when called for non-php pages aswell?
The auto_prepend_file directive only applies to files parsed by PHP. In most server configurations that will only include .php files. However, you can use the AddHandler directive to make Apache execute PHP in other file types as well.
For example, if you use AddHandler to add .html as another file type that can contain PHP code, auto_prepend_file will also apply to .html files.
What ended up solving it for me was setting the "AllowOverride" directive on my Apache configuration file. In order to allow .htaccess privileges on given folder, you should have something like...
# Allow .htaccess settings
<Directory "/absolute/path/to/htaccessfolder">
AllowOverride Options
</Directory>
...on httpd.conf, which allows overriding option settings from the selected directory.
I want to use .htaccess to prevent directory listing.
I've got pages within /location/ but I don't have an index file. So I want to redirect to /location/about.php for example.
Is there a way to do this, without creating an index.html and redirecting requests to that?
Thanks for the help!
If you're asking for a file in place of 'index.html', see "DirectoryIndex" to tell it what files to use in place of 'index.html':
DirectoryIndex about.php index.html
Options –Indexes
... if you're trying to redirect all directories to a single page, then I'd cheat and do the following, which will mostly do what you're asking for:
Options +Indexes
IndexOptions +SuppressHTMLPreamble
IndexIgnore *
HeaderName /includes/header.html
ReadmeName /includes/readme.html
... and set /includes/header.html with whatever message you want (or containing a meta-redirect), and /includes/readme.html to be blank.
I know this is an older thread but I just had to implement something similar and did it the following way:
Options -Indexes
ErrorDocument 403 /location/about.php
Basically, Options -Indexes prevents directory listing and ErrorDocument 403 rewrites the default 403 message.
Changing DirectoryIndex and Options works, but using mod_alias means that you don't have to change it back in nested directories.
Redirect 303 /location/ /location/about.php
Here is a direct link to what you need:
http://www.webweaver.nu/html-tips/web-redirection.shtml
If you need something more advanced to handle parameters or need to remap old URLs to new ones, you can use URL rewriting:
http://corz.org/serv/tricks/htaccess2.php
Prevent directory listing (or return an empty directory listing):
http://www.besthostratings.com/articles/prevent-directory-listing.html
I have pushed my .htaccess files to the production severs, but they don't work. Would a restart be the next step, or should I check something else.
A restart is not required for changes to .htaccess. Something else is wrong.
Make sure your .htaccess includes the statement
RewriteEngine on
which is required even if it's also present in httpd.conf. Also check that .htaccess is readable by the httpd process.
Check the error_log - it will tell you of any errors in .htaccess if it's being used.
Putting an intentional syntax error in .htaccess is a good check to make sure the file is being used -- you should get a 500 error on any page in the same directory.
Lastly, you can enable a rewrite log using commands like the following in your httpd.conf:
RewriteLog "logs/rewritelog"
RewriteLogLevel 7
The log file thus generated will give you the gory detail of which rewrite rules matched and how they were handled.
No:
Apache allows for decentralized management of configuration via special files placed inside the web tree. The special files are usually called .htaccess, but any name can be specified in the AccessFileName directive... Since .htaccess files are read on every request, changes made in these files take immediate effect...
From the apache documentation:
Most commonly, the problem is that AllowOverride is not set such that your configuration directives are being honored. Make sure that you don't have a AllowOverride None in effect for the file scope in question. A good test for this is to put garbage in your .htaccess file and reload. If a server error is not generated, then you almost certainly have AllowOverride None in effect.
Only if you have not added the mod_rewrite module to Apache.
You only need to restart Apache if you change any Apache ".conf" files.
I have the same issue and it seems PiedPiper post about AllowOverride were most helpful. Check your httpd.conf file for "AllowOverride" and make sure it is set to All.
In case of .htaccess restart is not required if it is not working probable reasons include.
AllowOverride May not be set which user can set inside httpd.conf or might have to contact server admin.
Check the file name of .htaccess it should be .htaccess not htaccess.txt see here for guide how to create one.
Try to use Options -Indexes or deny all kind of simple directive to see if it is working or not.
clear browser cache everytime if having rule for redirects or similar if previous redirect is cached it appears as if things are not working.
What's in your .htaccess? RewriteRules? Check that mod_rewrite is installed and enabled.
Other stuff? Try setting AllowOverride to 'all' on that directory.