Hello I host some joomla sites, witch come with a coustom .htaccess file. This file causes a ".htaccess: Options not allowed here" error in the log. I guess this can be fixed by adding "AllowOverride All" in httpd.conf But what is the most sequre/best solution?
Here you go Code: ## # @version $Id: htaccess.txt 9975 2008-01-30 17:02:11Z ircmaxell $ # @package Joomla # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. # @license http://www.gnu.org/copyleft/gpl.html GNU/GPL # Joomla! is Free Software ## ##################################################### # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE # # The line just below this section: 'Options +FollowSymLinks' may cause problems # with some server configurations. It is required for use of mod_rewrite, but may already # be set by your server administrator in a way that dissallows changing it in # your .htaccess file. If using it causes your server to error out, comment it out (add # to # beginning of line), reload your site in your browser and test your sef url's. If they work, # it has been set by your server administrator and you do not need it set here. # ##################################################### ## Can be commented out if causes errors, see notes above. Options +FollowSymLinks # # mod_rewrite in use RewriteEngine On # Uncomment following line if your webserver's URL # is not directly related to physical file paths. # Update Your Joomla! Directory (just / for root) # RewriteBase / ########## Begin - Joomla! core SEF Section # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] # ########## End - Joomla! core SEF Section ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] # Block out any script that includes a <script> tag in URL RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URL RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URL RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error! RewriteRule ^(.*)$ index.php [F,L] # ########## End - Rewrite rules to block out some common exploits
Please comment out the Options +FollowSymLinks line and add +FollowSymLinks to the Options line of the Apache vhost configuration of that web site.
I got a similar problem: an application is trying to write this .htaccess file every time I change some of its configuration: the problem lies with Options Indexes. I tried adding this into the ispconfig directives field for this particular vhost but had no luck, still getting a 500 error. This is inside the options for this vhost, still no luck
AllowOverride Options must go in its own line, like this: Code: <Directory /var/www/web1> AllowOverride Options </Directory>
ok, I`ll try that immediately, although I am pretty sure, I jsut copied it wrong... still if I apply the above example, does that also allow a .htaccess file in a subfodler of web1 to use the options directive?
i have exactly this very same issue can you please tell me where this file is, and further what the name of this file is that you put the "ispconfig directives field for this particular vhost" into? where are these vhosts listed? the httpd.conf file is blank thank you
If you are on Ubuntu or Debian, the main Apache configuration is in /etc/apache2/apache2.conf. If you're also using ISPConfig, the vhosts are defined in /etc/apache2/vhosts/Vhosts_ispconfig.conf. Within ISPConfig, there's a field called "Apache Directives" in the settings of each web site.
