PDA

View Full Version : ISPConfig, Drupal, and .htaccess


jon335
8th October 2005, 17:06
I am trying to install Drupal for my website, but I am running into a problem. When I go to my website I get:
500 Internal Server Error

I uploaded all the files for drupal, created the database, and edited the settings file for my site.

Here is part of the log:

error.log
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here
[Sat Oct 08 10:54:09 2005] [alert] [client 192.168.1.230] /var/www/web1/web/.htaccess: Options not allowed here


.htaccess
#
# Apache/PHP/Drupal settings:
#

# Protect files and directories from prying eyes.
<Files ~ "(\.(inc|module|pl|sh|sql|theme|engine|xtmpl)|Entri es|Repositories|Root|scripts|updates)$">
Order deny,allow
Deny from all
</Files>

# Set some options.
Options -Indexes
Options +FollowSymLinks

# Customized error messages.
ErrorDocument 404 /index.php

# Set the default handler.
DirectoryIndex index.php

# Override PHP settings. More exist in sites/default/settings.php, but
# the following cannot be changed at runtime. The first IfModule is
# for Apache 1.3, the second for Apache 2.
<IfModule mod_php4.c>
php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
</IfModule>

<IfModule sapi_apache2.c>
php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
</IfModule>

# Reduce the time dynamically generated pages are cache-able.
<IfModule mod_expires.c>
ExpiresByType text/html A1
</IfModule>

# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on

# Modify the RewriteBase if you are using Drupal in a subdirectory and
# the rewrite rules are not working properly.
#RewriteBase /drupal

# Rewrite old-style URLs of the form 'node.php?id=x'.
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{QUERY_STRING} ^id=([^&]+)$
#RewriteRule node.php index.php?q=node/view/%1 [L]

# Rewrite old-style URLs of the form 'module.php?mod=x'.
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{QUERY_STRING} ^mod=([^&]+)$
#RewriteRule module.php index.php?q=%1 [L]

# Rewrite current-style URLs of the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
</IfModule>

# $Id: .htaccess,v 1.66 2005/03/20 19:15:00 dries Exp $


What should I do?? :confused: :confused:

till
8th October 2005, 17:31
At the end of your httpd.conf is a section like this:

<Directory /home/www/*/web>
Options +Includes +FollowSymlinks -Indexes
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all

<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>
There you must chnage the AllowOverride statement to allow all settings in the drupal .htaccess file. For test purposes you might even change it to: AllowOverride All

Then restart your apache webserver.

jon335
8th October 2005, 17:57
Where is httpd.conf located?

I'm using the Ubuntu 5.04 Perfect Setup.

till
8th October 2005, 19:05
Where is httpd.conf located?

I'm using the Ubuntu 5.04 Perfect Setup.

In Ubuntu the httpd.conf file is named /etc/apache2/apache2.conf

jon335
8th October 2005, 23:47
Thanks, that worked perfectly. Is it OK to leave the AllowOverride setting set to All, or should I set it to something else?

till
9th October 2005, 12:19
AllowOverride All means that all settings allowed in the vhost configuration can be overridden with .htaccess files. Thats insecure because your customers are able to change their apache configuration. Maybe you have a look at the apache.org website, there is a documentation what settings are allowed with allow override and you can decide which rights you want to give to your customers.

falko
9th October 2005, 13:37
Hi jon335,

here's another thread that might be interesting for you: http://www.howtoforge.com/forums/showthread.php?t=38

It has nothing to do with your problem in this thread, but it has also to do with Drupal (and apache rewrite rules). :) In case you run into the same problems when playing around with Drupal... ;)

stamy
4th May 2006, 21:02
I've got it !

The solution was to modify this file: /etc/apache2/apache2.conf

<Directory /home/www/*/web>
Options +Includes +FollowSymlinks -Indexes
#===============HERE==============
AllowOverride All
#=================================
Order allow,deny
Allow from all

<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

Thank's all for your help (maybe there is a cleaner way to do that, lower risk without using "All" for AllowOverride options).

minskog
16th May 2006, 14:10
I've got it !

The solution was to modify this file: /etc/apache2/apache2.conf

<Directory /home/www/*/web>
Options +Includes +FollowSymlinks -Indexes
#===============HERE==============
AllowOverride All
#=================================
Order allow,deny
Allow from all

<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

Thank's all for your help (maybe there is a cleaner way to do that, lower risk without using "All" for AllowOverride options).

I do it, but dont works for me:

<Directory /usr/var/www/virtual/*/web>
Options +Includes -Indexes
AllowOverride All
#AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>



Gives error 500.

falko
16th May 2006, 15:48
What's in your Apache error log?

stamy
16th May 2006, 19:30
Have you restarted apache ?
Your web pages are locatd under /home/www/virtual/*/web and not under /home/www/*/web ?

pinz0
1st August 2006, 22:52
hello -
i was reading these entries and tried to fix my problems.
since i've put drupal into my /home/web6/web/cms - directory, i have the
"500 Internal Server Error".


my httpd.conf looks like this:


<Directory /home/*/user/*/web>
Options +Includes -Indexes
AllowOverride All
# AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>



and the .htaccess-file looks like this:


#
# Apache/PHP/Drupal settings:
#

# Protect files and directories from prying eyes.
<FilesMatch "(\.(engine|inc|install|module|sh|.*sql|theme|tpl(\ .php)?|xtmpl)|code-style\.pl|Entries.*|Repository|Root)$">
Order deny,allow
Deny from all
</FilesMatch>

# Set some options.
Options -Indexes
Options +FollowSymLinks

# Customized error messages.
ErrorDocument 404 /index.php

# Set the default handler.
DirectoryIndex index.php

# Override PHP settings. More in sites/default/settings.php
# but the following cannot be changed at runtime.

# PHP 4, Apache 1
<IfModule mod_php4.c>
php_value magic_quotes_gpc 0
php_value register_globals 0
php_value session.auto_start 0
</IfModule>

# PHP 4, Apache 2



this is in the LOG-file (/home/web6/log):


[Wed Aug 02 10:23:16 2006] [alert] [client 85.125.230.181] /home/web6/web/.htaccess: Options not allowed here



so, i really don't know how to make it work properly.
Please folks, help me!

geek.de.nz
2nd August 2006, 03:19
<Directory /home/*/user/*/web>
Options +Includes -Indexes
AllowOverride All
# AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>



change to


<Directory /home/*/user/*/web>
Options +Includes -Indexes
AllowOverride All
# AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
# <Files ~ "^\.ht">
# Deny from all
# </Files>
</Directory>


Try this. I'm not sure if that will work, but I think

<Files ~ "^\.ht">
Deny from all
</Files>


prevents .htaccess to be loaded. "^\.ht" is a regular expression matching files beginning with ".ht", so .ht*.

I could be mistaken though. Have a look at the docs on the apache website.

falko
2nd August 2006, 14:07
<Directory /home/*/user/*/web>
Options +Includes -Indexes
AllowOverride All
# AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

is the wrong stanza.

It's this stanza:

<Directory /home/*/web>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>that you must change.

pinz0
2nd August 2006, 14:32
THANKS!

it works now! many thanks for the quick help.
bests!

pinz0
3rd August 2006, 18:03
hello again,

another problem showed up with isp-config and drupal :( .
for some reason it is not possible to view uploaded files.
if i click on the link of the uploaded file the server again posts the "500 error".

is there someone who can help me with that problem?

bests!

falko
4th August 2006, 13:21
The problem is the .htaccess file in your files directory. If you remove it, it should work, but as far as I know this opens a security hole so this is not recommended...

pinz0
4th August 2006, 16:53
The problem is the .htaccess file in your files directory. If you remove it, it should work, but as far as I know this opens a security hole so this is not recommended...

thanks for your response.

yes, if i rename or remove the .htaccess-file in /files, than it works fine, but as you mention, this can't be the way..

any recommendations for the .htaccess - file or for another back door-solution?

pinz0
4th August 2006, 18:03
ok, i think i have a solution for the problem.
i pasted this into /etc/apache2/apache2.conf:


<Directory /home/*/web/drupal/files>
AllowOverride All
Order allow,deny
Allow from all
</Directory>


i think, that this works for all drupal-installs on the server.

bests!

nzimas
17th June 2007, 03:18
Puzzling.

I have tried several recipes to allow .htaccess overrides and still get the error 500.

my apache2.conf looks like:

<Directory /var/www/*/web>
Options +Includes -Indexes
AllowOverride All
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>


The error log reports:

Sat Jun 16 20:49:50 2007] [alert] [client 83.165.10.237] /var/www/web2/web/.htaccess: Options not allowed here, referer: http://www.familythrive.com/administrator/index2.php?option=com_sef&task=showconfig

I have this actual web located at /var/www/web2/web/

Do i need to tweak anything at /etc/apache2/vhosts/Vhosts_ispconfig.con?

Thanks,
Nuno.

till
17th June 2007, 13:04
Please remove the line "AllowOverride Indexes AuthConfig Limit FileInfo" in the above apache2.conf part.

What you did is that you first allowed all and then added the limitaions again with the second line.

Hans
18th June 2007, 00:20
For information only:

There is a Drupal Howto available here:
http://www.howtoforge.com/drupal_ispconfig

sojic
15th November 2008, 20:57
I have problem with AllowOverride.

I need AllowOverride All to all sites.

ISPConfig generate vhosts/Vhosts_ispconfig.conf and for each virtual site generate

<Directory /var/www/web1/web>
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride None
Order allow,deny
allow from all
AddHandler mod_python .py
PythonHandler mod_python.publisher
PythonDebug On
</Directory>


How to "skip" generating of AllowOverride None for each site?

falko
16th November 2008, 13:22
You can change this in the make_vhost() function in /root/ispconfig/scripts/lib/config.lib.php.