Jez D

Reputation: 1489

Apache RewriteEngine On causes 403 error

I have a Linux box running CentOS 6.6 with Apache 2.2.x. For some unknown reason, turning on the rewrite engine causes a 403 error (this happens whether I add a rewrite rule or not).

I have spent hours researching this and have made changes to my config in accordance with advice I have found in many places, but still got nowhere.

Currently in my .htaccess I have this:

<IfModule mod_rewrite.c>  
Options +FollowSymLinks  
RewriteEngine On  
</IfModule>

In the directives for the virtual host, I have this:

DocumentRoot /var/www/html/example.uk  
<Directory /var/www/html/example.uk>  
Options Indexes FollowSymLinks MultiViews  
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName example.uk  
ServerAlias www.example.uk

(This seems to work on a Debian box, but not on my CentOS machine.)

In my httpd.conf I have changed

AllowOverride None

to

AllowOverride All

My httpd.conf also contains LoadModule rewrite_module modules/mod_rewrite.so

Error log says:

Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/html/example.uk

Now, I have previously added SymLinksIfOwnerMatch to the directives, but it didn't solve the problem.

I followed this and all seemed to go as it should.

Upvotes: 9

Views: 4505

Answers (4)

Robert Chapin

Reputation: 370

Another possibility with Apache 2.4 is caused by Options -FollowSymlinks which will also throw a 403 error and generate the following log:

AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions

This was not the case in the original post, but if it comes up you would need to re-enable FollowSymLinks using this line:

Options +FollowSymLinks

Upvotes: 1

bastien

Reputation: 190

Since Apache version >= 2.4, the directive

Order allow,deny
allow from all

leads to a global 403. To make sure of this, check your Apache log:

[Tue May 05 11:54:32.471679 2015] [authz_core:error] [pid 9497] [client 127.0.0.1:35908] AH01630: client denied by server configuration: /path/to/web/

Comment out the Order directive and add Require all granted like below:

 Require all granted
 #Order allow,deny
 #allow from all

Hope this helps.

Edit:

Explanation from Apache: this behaviour is provided by the new module mod_authz_host.

For the list of restrictions available (IP, host, etc.): http://httpd.apache.org/docs/2.4/en/mod/mod_authz_host.html

Upvotes: 2

Pedro Lobito

Reputation: 98921

This happens when Apache doesn't have execute rights for

/var
/var/www
/var/www/html
/var/www/html/example.uk  

Run:

chmod o+x /var /var/www /var/www/html /var/www/html/example.uk 

Upvotes: 2
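
A read-only way to see which directory on the path actually lacks the bit before changing any modes with the chmod above (added example, not part of any answer on this page). It assumes the httpd user is neither owner nor group member of these directories, so only the "others" bits apply; `missing_search_bit` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: print every directory from / down to the target that lacks
# the "others" execute (search) bit. Nothing is modified.
# Assumption: the httpd user is neither the owner nor in the group of these
# directories, so the "others" permission bits are the ones that apply to it.

missing_search_bit() {
    # Recurse to the parent first so output runs from / down to the target.
    # "." is a second base case so a relative path cannot loop forever.
    [ "$1" = "/" ] || [ "$1" = "." ] || missing_search_bit "$(dirname "$1")"

    # The tenth character of the ls mode string is the "others" execute slot:
    #   x or t -> searchable by others
    #   - or T -> not searchable by others
    # A directory that does not exist yields an empty value and is reported too.
    mode=$(ls -ld "$1" 2>/dev/null | cut -c10)
    case $mode in
        x|t) ;;
        *) printf '%s\n' "$1" ;;
    esac
    return 0
}

# Usage: sh check_path.sh /var/www/html/example.uk
# Runs only when a path is given on the command line.
[ $# -eq 0 ] || missing_search_bit "$1"
```

Empty output means every component is searchable by "others"; any path printed is a candidate for `chmod o+x` on that one directory only.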

Panama Jack

Reputation: 24448

You should remove this line from htaccess

Options +FollowSymLinks

You already have it in the apache vhost file. Also, you should add a rule if you're going to turn on mod_rewrite, or there is no point in turning it on.

Upvotes: 1
