NEW ERROR: RewriteEngine not allowed here

Discussion in 'Installation/Configuration' started by gkovacs, Apr 17, 2009.

  1. gkovacs

    gkovacs New Member

    I have a couple of Joomla sites that have been using a .htaccess based URL rewrite, running under ISPConfig 3. Recently these sites stopped working if the following .htaccess file is in place:

    Code:
    RewriteEngine On
    DirectoryIndex index.php
    RewriteBase /
    
    RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR]
    RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$  [NC]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule (.*) index.php
    The site throws an Internal Server Error, and puts this in the error.log:
    Code:
    .../web/.htaccess: RewriteEngine not allowed here
    The same thing happens if I put this .htaccess file in an empty folder and try to open it in a browser.

    I've updated ISPConfig to 3.0.1 a couple of days ago, but nothing has been changed since, and this error only started to happen today.
    What could have gone wrong?
     
    Last edited: Apr 17, 2009
  2. gkovacs

    gkovacs New Member

    Since yesterday, more sites using mod_rewrite in a .htaccess have stopped working.

    I have nailed down the problem. If this is present in a site's vhost file, mod_rewrite stops working:

    Code:
    <Directory /var/www/XXX.hu/web>
            [COLOR="Red"]Options FollowSymLinks[/COLOR]
            [COLOR="Red"]AllowOverride Indexes AuthConfig Limit[/COLOR]
            Order allow,deny
            Allow from all
    </Directory>
    
    If I manually change it to

    Code:
    <Directory /var/www/XXX.hu/web>
            [COLOR="Green"]Options All[/COLOR]
            [COLOR="Green"]AllowOverride All[/COLOR]
            Order allow,deny
            Allow from all
    </Directory>
    
    then it works. However, ISPConfig restores the previous state at any modification I do, so there is currently no way to leave these sites in a working state.
     
    Last edited: Apr 18, 2009
  3. falko

    falko Super Moderator

    You can try to add your custom directives to the Apache Directives field on the Options tab of that web site in ISPConfig.
     
  4. gkovacs

    gkovacs New Member

    I can try, but it will surely not work. If I add these two lines in the options, Apache fails to restart and rejects this config:

    Code:
    root@ispconfig:/var/clients/clientXXX/XXX.hu/web# /etc/init.d/apache2 reload
    Syntax error on line 45 of /etc/apache2/sites-enabled/XXX.hu.vhost:
    AllowOverride not allowed here
       ...fail!
    So I'm not sure what I'm supposed to add.

    But more importantly, do you have any idea why the latest ISPConfig fux up the vhosts files so no one is able to use mod_rewrite anymore?
     
    Last edited: Apr 18, 2009
  5. falko

    falko Super Moderator

    You must add this inside <Directory></Directory> directives.
     
  6. mgibson

    mgibson New Member

    Falko,

    I'm also having similar issues to gkovacs.

    Falko, in your response to "You can try to add your custom directives to the Apache Directives field on the Options tab of that web site in ISPConfig. "

    Is there a way to add these in as default so we dont have to add custom directives. If so, which file do we need to edit?

    Kind Regards,

    Mark.
     
  7. falko

    falko Super Moderator

    No, that's not possible.
     
  8. mgibson

    mgibson New Member

    Not possible at all? Or can be possible with a bit of work? :)

    I'm sure alot of ispconfig3 users would appreciate this feature when running CMS such as Drupal or Joomla.

    ISPConfig3 has to be writing the directives into the vhost somewhere...

    Regards,

    Mark.
     
  9. gkovacs

    gkovacs New Member

    You still didn't answer my question about how and why ISPConfig has changed regarding this matter. It seems to me that ISPConfig did allow mod_rewrite running out of the box, but since the latest update it does not.

    1. Why did this change happen? (Just out of curiosity, I'm interested)

    2. Why don't you (I presume you are a developer) acknowledge this change? (This seems to affect a lot of people, and will affect a lot more as soon as they modify their config and ISPConfig overwrites their vhost files, so we deserve a clarification)

    3. Is it REALLY impossible to add a checkbox to the site config that allows mod_rewrite to run as it did before?
     
    Last edited: Apr 20, 2009
  10. Mogi

    Mogi New Member

    You have to be kidding.

    ISPConfig has arbitrarily removed the ability to use rewrites?

    Seriously?

    Have you never heard of WordPress??

    Dozens and dozens (and it will be hundreds soon enough) of WP blogs are going from working perfectly to 500 server error, just because you decided to *remove*the*ability*to*use*rewrites*??

    *What* were you *thinking*?

    Y'know, for the first time ever, I'm now lost for words.

    The boxes are not yours that you can arbitrarily decide who can and who can't use rewrite in .htaccess.

    When will this be fixed? I'm sick of being screamed at by WP users with broken sites.
     
  11. gkovacs

    gkovacs New Member

    Chill dude. Let's wait for an answer, don't jump to conclusions.
     
  12. Mogi

    Mogi New Member

    Your right of course.

    It's just that it is more than a little beyond my comprehension how or why such talented (and highly experienced) devs as these could have made a change of such epic proportions. I know next to nothing about code but even I would easily have forseen that change bringing sites down wholesale, which is exactly what it has done.

    Bizarre.

    Anyhow, just have to wait and see what they say.
     
  13. mgibson

    mgibson New Member

    To be honest I agree with Mogi, rewrites is a *must* feature.
    It would be a shame if it didnt have this function and as good as it is, users will stop using ispconfig3.

    Falko help us out here :)
     
  14. till

    till Super Moderator

    You can enable this in your vhost template if you want. So this is not a missing feature nor feature thing at all. To enable rewrites, you will have to alllow to allow overriding of file info which on the other hand enables your customers to widen their access restrictions on the server. As a software provider we will have to release a safe system as everyone will complian otherwise. If you dont need a secure system or it does not matter for you if users are able to get additional features without being activated in the site settings by putting them in a .htaccess file, feel free to give your users thiese permissions. Thats why ispconfig uses templates for config files, so everyone can customize the safe default settiongs to its needs.
     
  15. mgibson

    mgibson New Member

    Hi Till, thanks for the response.

    We can edit the vhost file manually with our directive AllowOverride All but.... when we come to ispconfig3 and configure a new site, it resets all the directives back to how they were originally hence all working wordpress, joomla or drupal sites getting an Error 500.

    gkovacs is trying to say that this never used to happen. Since the latest update, it messes with rewrites.
     
  16. gkovacs

    gkovacs New Member

    Till, there is no problem with you guys releasing a safe software environment. Everyone here is grateful for ISPConfig, it's a great piece of software.

    The problem lies in the fact that it seems you CHANGED the behaviour of ISPConfig silently in the last update, and many of our sites simply STOPPED working. And there is no easy workaround. Most of my clients right now are hosted without mod_rewrite, with Google Adwords turned off. I'm getting phonecalls around the clock.

    In the previous version mod_rewrite worked out of the box, now it doesn't. There was no warning, I don't remember seeing it in the release notes, heck you guys aren't even acknowledging the change here, now.

    Why should this be kept secret? Thousands of sites will fail in the coming weeks if people keep updating their systems. Hundreds of people will try to look for advice everywhere. Are you sure you guys are handling this in the best possible way?
     
    Last edited: Apr 20, 2009
  17. till

    till Super Moderator

    Nothing has been changed silently. You should read the release notes and the comments on fixed bugs as the behaviour has been chenged to fix a bug.
     
  18. till

    till Super Moderator

    Please read my post more closely. I told you to change the vhost template file and not the vhost file!
     
  19. Mogi

    Mogi New Member

    Hello till,

    Does ISPConfig 2 allow rewrites? If it does, are you planning to disable that in the next release/update?

    Seriously, if you are, you may as well stop developing both of these tools right now, as fantastic (truly, they are fantastic) as they are, or rather were.

    Just the single thing of breaking all of these thousands of WordPress sites, let alone all of the other scripts using rewrites, is enough to make ISPConfig a thing of the past in a very, very short space of time.

    Just speaking for myself, even if you do reverse your decision on this rewrites thing (and I think you are going to have zero choice but find a way to fix this) how do we now know that something equally crazy won't be sprung on us in some other future update?

    I think that you have made a really huge error here, and I don't think that you are helping by not dealing with this properly now either.

    I mean, is that it? Your reaction to this is; 'it's not a missing feature'?

    It sure is to hundreds of site owners, and it sure is going to be for hundreds and hundreds more in a short while, too.
     
  20. till

    till Super Moderator

    We might enable this again in ispconfig 3 if it causes so many problems. And yes, it is not feature issue as this is a configuration questions which can be handled easily and individually by every administrator in his setup. ISPConfig uses templates for config files so that every admin can have its own and specific set of templates, this also enables administartors to use different security settings etc. which do not have to be the same then the ones we deliver with ispconfig. Your post shows that you are not aware what the exact issue is. The override option default has been changed because users requested this and not because I requested this. So your complain is that we have fixed a security issue due to user requests and you did not know it because you did not had read the release notes. So if it is populer demand we will turn it on again.
     

Share This Page