Whatever I do, .htaccess won't do the job

Question

Working with .htacess file has always been a very frustrating experience for me. Someone please help.

This is what I want to achieve:

• I am running Ubuntu 14.04.
• Redirect my entire site (example.com) to a maintenance.html page.
• Block everybody else except one IP, for example, I need to allow only 123.456.789.0

Here are my files:

• Location of my index.html is /var/www/html
• Location of my maintenance.html is /var/www/html
• Location of my .htaccess file is /var/www/html

Contents of My .htaccess file:

#Rewrite to www
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com[nc]
RewriteRule ^(.*)$ http://www.example.com/$1 [r=301,nc]

#301 Redirect Old File
Redirect 301 /index.html /maintenance.html

#Block users by IP
order allow,deny
deny from all 
allow from 123.456.789.0

Please help me understand:

• Is the location of each of the above files right? In what cases, the page ends up in 500 internal server error?
• What changes should I make in
  • /etc/apache2/apache.conf
  • /etc/apache2/sites-enabled/000-default.conf OR
  • /etc/apache2/sites-available/000-default.conf
• Is is necessary to run a2enmod rewrite?
• Should I add <IfModule mod_rewrite.c> and </IfModule> as header and footer in any of the above config files?

Sorry for too many questions, but I really want know it all this time. Thanks in advance.

Answer 1

Thanks to @OlafDietsche and @ÁlvaroGonzález for this quick help. I am keeping their suggestions here so somebody like me will find it useful.

The problem is with my goals, not with the syntax. With their comments and answers, I came to know that my 2 goals were mutually contradicting ones.

I configured .htaccess to do both page-redirection and IP block. But if I am blocking (almost) everybody from accessing the site, page redirection makes no sense.

The required configuration in .htaccess is:

  #Rewrite to www
  Options +FollowSymLinks
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^example.com[nc]
  RewriteRule ^(.*)$ http://www.example.com/$1 [r=301,nc]

  #301 Redirect Old File
  Redirect 301 /index.html /maintenance.html

Answer 2

Is the location of each of the above files right? In what cases, the page ends up in 500 internal server error?

A "500 Internal Server Error" message means there's an error and you're expected to check the server logs for the exact details. Apache will not display the error message to be seen by everyone.

What changes should I make

It depends on what the problem is. If the problem is "500 Internal Server Error" that means that we still don't know what the problem is.

Is is necessary to run a2enmod rewrite?

That command enables mod_rewrite. You need to enable it if it isn't enabled. You don't need to enable it if it's already enabled.

It's worth noting that this command is not part of official Apache distribution. Some Linux distros (namely Debian and derivatives) change third-party packages to match their configuration preferences, as in this case.

Should I add <IfModule mod_rewrite.c> and </IfModule> as header and footer in any of the above config files?

As documentation explains, this block can be used to ignore directives when a given module is not installed. This can be useful for configuration templates to be distributed and optional features. In your case, it'll silently ignore your code if mod_rewrite is not available—you don't want that.

---

Last but not least:

order allow,deny
deny from all 
allow from 123.456.789.0

... belongs to the old (and really hard to understand) Apache/2.2 syntax. If you are using Apache/2.4* you may want to try Require.

(*) _{Some distros hate bundling recent software but 2.4 has been around for several years}