Welcome to WebmasterWorld Guest from 18.206.48.142

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

mod_rewrite not playing fair

mod_rewrite on, sub directories are forbidden

     
5:09 am on Nov 13, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 13, 2003
posts:5
votes: 0


Right, here is the problem.

We are getting a nice big fat 403, forbidden error from apache _whenever_ a RewriteEngine directive is called.

Background:

Directory Structure

/path-to-domain/httpdocs/ (aka root for this)
index.php
other_stuff.php
links.php
.htaccess

/path-to-domain/httpdocs/subdir/ (aka subdir for this)
index.pl
otherstuff.pl
.htaccess

---

now the current state of the .htaccess files are:
root .htaccess


ErrorDocument 404 /error404.php
Options +FollowSymlinks +SymLinksIfOwnerMatch

RewriteEngine On
RewriteRule ^links/$ /links.php
RewriteRule ^links/(.*)/(.*)$ /links.php?cat=$1&page=$2
RewriteEngine Off

and the subdir .htaccess


Options +FollowSymlinks +Indexes

DirectoryIndex index.pl

note there are some other bits in this file, auth user etc

---

now, the problem again - when we try and access
www.mydomain.com/subdir/
we get a big fat 403 forbidden

comment out the rewrite engine bits, and it all works fine.

interesting side points
- having only RewiteEngine Off in the file _also_ generates these 403 errors... strange!
- having any RewiteEngine Statement brings a 403...

What we want is to be able to access sub directories *and* have redirects to scripts...

is this possible, or am i out of my tree for wanting this?

Jason

3:24 pm on Nov 13, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Boxie,

Welcome to WebmasterWorld [webmasterworld.com]!

You're not asking for anything that thousands of sites don't already do. However, there are several problems with what you're doing, and some missing information.

First, dump the RewriteEngine off directives - they are never needed, except for debugging. Turn on the engine, and leave it on.

Second, +Indexes and DirectoryIndex index.php are sort of mutually-exclusive. +Indexes means you want to allow user access to server-generated directory listings on your server when "/" is requested in any directory. But DirectoryIndex defines the name of a file to be served if "/" is requested. So, there's a conflict there.

What's missing is any indication of what your 403 error said - What was the URL? What is the contents of your server error log after the 403 occurs?

I suggest you fix the first two problems, and then try some simple rewrites, rather than getting involved with scripts and other complicating factors right away.

In your top-level .htaccess put something like this:


Options +FollowSymLinks
RewriteEngine on
RewriteRule ^silly\.html$ /index.html [L]

Where "index.html" is a page that exists, and "silly.html" is a page that does not exist.
Now request "silly.html" from your server. It should serve your index.html page instead.
If you get a 403 on this, try removing the Options statement.
If it works, do the same test in your subdirectories.

Testing with a very simple test case and the information in your 403 error and error log should make this problem easier to fix.

Jim

2:29 am on Nov 14, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 13, 2003
posts:5
votes: 0


cheers for the response jim!

ok - starting from basics, all error messages from the error log.

Step 1: From Scratch
everything in both .htaccess files is commented out

it works, the script is called and it displays correctly.

Step 2: Enable rewrite engine in the top level .htaccess

RewriteEngine On -the only line in both files.

falls over with error message
Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden:

Step 3: Enable FollowSymLinks in top level .htaccess
the line
Options +FollowSymLinks
enters into the fray

falls over with the same error message as before
Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden:

fair enough...

step 4: enable FollowSymLinks in the sub dir
the line
Options +FollowSymLinks
is added to the .htaccess in the sub dir

it falls over again with the same error message
Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden:

now that is weird, i am thinking that mod_rewrite is having a cry about not having any work to do...

step 5: adding a rewrite rule
i added the line
RewriteRule ^silly.html$ /index.php [L]
to the top level .htaccess

the redirect from silly.html to index.php works in the top level directory, which is fine, but the sub dir still makes the whole thing spit out
403 You don't have permission to access /subdir/index.pl on this server.

which is a total load of crock, as it works fine without any RewriteEngine on directives...

right, so now i am getting an feeling that it is the httpd.conf that is not allowing these directives, i take a quick look at it and there is no AllowOverride statement at all.

these is also this code block for perl scripts (which is what i am trying to run in the sub dir)


<IfModule mod_perl.c>
<Files ~ (\.pl)>
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
allow from all
PerlSendHeader On
</Files>
</IfModule>

could this be doing anything nasty? i do not want to change things unless i know _exactly_ what is happening, being a live site and all...

does not having an AllowOverride statement imply AllowOverride none? (or something else?)

i know for a fact that Rewrite rules are legal and working as they work on other sites.

3:13 am on Nov 14, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Boxie,

This is odd:

> the redirect from silly.html to index.php works in the top level directory, which is fine, but the sub dir still makes the whole thing spit out 403 You don't have permission to access /subdir/index.pl on this server.

It's odd because if you put the same rewrite code in the subdirectory, it should be looking for "/index.php" -- not "index.pl", and looking for it in the web root directory because it's preceded by a slash... That is, rewriting to "/index.php" should not access the subdirectory at all! ... And why is it looking for a .pl file instead of a php file? Either you've got other rewrites happening that are muddying the issue, or the "evidence" here is incorrect. No matter - here are some other things to look at:

AllowOverride defaults to AllowOverride All if missing, but it sure is acting like you have got an AllowOverride None in there somewhere in httpd.conf, in a virtual hosts section or something...

Some other questions, too:

Is this a new script, or a script that's new in this directory? Are the file permissions for the script set? Do you have any <directory> containers in httpd.conf with conflicting settings in them? How about RewriteOptions inherit?

Again, don't use a script to test... Redirect to a simple "hello world" html page to isolate problems with redirects from problems with scripts --- You may indeed have both kinds of problem, so take them one-at-a-time.

Jim
<edit> One more thing ... The line "Options ExecCGI" disables all other options. Use "Options +ExecCGI" instead</edit>

3:36 am on Nov 14, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 13, 2003
posts:5
votes: 0


ok the directory structure

existing domain, files in
./httpdocs/
(all php scripts and html files)

my brand spanking new script in a brand spanking new directory
./httpdocs/subdir/
(all perl scripts)

(sorry, i should have stated this at the beginning :)

the .htaccess that has the RewriteEngine On statement is in the Top Level dir

when that has
RewriteEngine On
RewriteRule ^silly.html^ /index.php

it works fine by requesting [domain.com...] (ala it shows the index.php file)

this code is _not_ in the subdir .htaccess

---

i will give the httpd.conf file another once over in the virtual host area, and add +'s to any Options statements...

cheers for your help jd!

<edit>
yeah, i know that the scripts are working properly without the .htaccess, they are executable etc - i have run accross that (and wasted many hours) on that kinda problem
</edit>

4:17 am on Nov 14, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 13, 2003
posts:5
votes: 0


! got it!
*dances around*

right, here was the problem.
it was only perl scripts that were being denied.

turns out that it was a server config error...

we took the perl part


<IfModule mod_perl.c>
<Files ~ (\.pl)>
SetHandler perl-script
PerlHandler Apache::Registry
Options +ExecCGI
allow from all
PerlSendHeader On
</Files>
</IfModule>

out of the (managed) httpd.include conf file and chucked it into the .htaccess in the local directory and it worked!

thanks for all your help jd - u are da man!

Another happy and satified forum user!

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members