CODEWITHSUNDEEP
apachemod-rewriteapache2symlinkhttpd.conf
brentonstrine
brentonstrine

Reputation: 22772

Turning RewriteEngine on creates 403 error--how to turn on FollowSymLinks?

I am working with the built-in Apache2 on OSX. I moved the document root to a folder on my desktop and made sure that _www and everyone have read access. It works fine and great, PHP works, everything works until I add a .htaccess with this line only:

RewriteEngine on

As soon as I do that, everything in the directory with the file is 403 Forbidden:

Forbidden
You don't have permission to access /dir/file.txt on this server.

Apache logs show this error:

[error] [client 127.0.0.1] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /Users/uname/Desktop/localhost/dir/filename.txt

I've gone through httpd.conf and made sure that I've enabled FollowSymLinks to no avail:

DocumentRoot "/Users/uname/Desktop/localhost"
<Directory />
    Options FollowSymLinks
    Options SymLinksIfOwnerMatch 
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

<Directory "/Users/uname/Desktop/localhost">
    Options FollowSymLinks
    Options SymLinksIfOwnerMatch 
    Options Indexes MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

If I comment out RewriteEngine on in the .htaccess file, then everything works fine, except rewrite rules, obviously. On OSX 10.8.5, httpd.conf is located in /etc/apache2 which also has the folder users containing individual files for uses, e.g. uname.conf, but I've added symlinks in here same as in the other. I noticed there's also a folder extra with files like httpd-userdir.conf, but they don't seem to disable anything.

Where else can FollowSymLinks be turned on (or off)?

Upvotes: 5

Views: 3404

Answers (2)

Kyle Coots
Kyle Coots

Reputation: 2131

I had an issue with getting a 403 the solution for me was changing my rewrite rules. My complete directives are as follows:

<Directory "/var/www/">

<LimitExcept GET POST HEAD>
  Order Allow,Deny
  Deny from all
  Satisfy all
</LimitExcept>

Require all granted
AllowOverride None

# Disable includes and cgi
Options -Includes
Options -ExecCGI

<IfModule mod_rewrite.c> 

RewriteEngine On

# Redirdect to HTTPS
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule ^(.*)$ - [F,L]

# Put your installation directory here:
RewriteBase /

# Do not enable rewriting for files or directories that exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# remove index.php
RewriteRule ^(.*)$ /index.php/$1 [L]

# If your host requires forcing query strings.
# Notice the question at the end of index.php 
# on the last rule
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule ^(.*)$ /index.php?/$1 [L]

</IfModule> 

</Directory>
ServerName www.example.com
ServerAlias www.example.com

Upvotes: 0

codnodder
codnodder

Reputation: 1675

You have to either put your Options on one line, or add a + sign in front of your Options so Apache understands you want merge them. At the moment only the last Options directive ('Options Indexes MultiViews') is being applied since it is overwriting all the prior Options.

Try this (which will overwrite the '/' Options):

<Directory "/Users/uname/Desktop/localhost">
   Options Indexes MultiViews FollowSymLinks SymLinksIfOwnerMatch
   AllowOverride All
   Order allow,deny
   Allow from all
</Directory>

Upvotes: 5

Related Questions