Apache .htaccess error: 'not allowed here' on Debian Wheezy
Solution 1
The Apache Directory directive on /var/www/ninja/www/ only allows modification of the behaviour of FileInfo Indexes
by way of the .htaccess file. Refer to the Apache documentation on AllowOverride.
Please modify the AllowOverride
to also allow the local configuration of AuthConfig
resulting in:
<Directory /var/www/ninja/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride FileInfo Indexes Authconfig
</Directory>
Solution 2
Your configuration should add AuthConfig Limit at
AllowOverride FileInfo Indexes
Becomes
AllowOverride FileInfo Indexes AuthConfig Limit
Related videos on Youtube
BonifatiusK
Updated on September 18, 2022Comments
-
BonifatiusK over 1 year
I am trying to configure an apache virtualhost which needs to be password protected in the root directory.
So I created a .htpasswd file (with sha passwords) and configured the .htaccess file. Howevery whatever I do, on the webpage I get an error 500 (internal server error) and in the error.log I see this:
/var/www/ninja/www/.htaccess: deny not allowed here
or if I leave the deny out of the .htaccess:
AuthUserFile not allowed here
Both .htpasswd and .htaccess file are readable for apache and are set to the www-data user and group. I also tried adding these rules to the virtualhost config file but that didn't do the trick either.
Can you please help me out?
Thanks!
config file apache:
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName ninja DocumentRoot /var/www/ninja/www ServerAlias ninja <Directory /var/www/ninja/www/> Options Indexes FollowSymLinks MultiViews AllowOverride FileInfo Indexes Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
htaccess file: (placed in /var/www/ninja/www/)
Deny from all #Allow from (You may set IP here / to access without password) AuthUserFile /var/www/ninja/.htpasswd AuthName authorization AuthType Basic require valid-user
Here is an ls of the mods-enabled directory
alias.conf -> ../mods-available/alias.conf alias.load -> ../mods-available/alias.load auth_basic.load -> ../mods-available/auth_basic.load authn_file.load -> ../mods-available/authn_file.load authz_default.load -> ../mods-available/authz_default.load authz_groupfile.load -> ../mods-available/authz_groupfile.load authz_host.load -> ../mods-available/authz_host.load authz_user.load -> ../mods-available/authz_user.load autoindex.conf -> ../mods-available/autoindex.conf autoindex.load -> ../mods-available/autoindex.load cgi.load -> ../mods-available/cgi.load deflate.conf -> ../mods-available/deflate.conf deflate.load -> ../mods-available/deflate.load dir.conf -> ../mods-available/dir.conf dir.load -> ../mods-available/dir.load env.load -> ../mods-available/env.load mime.conf -> ../mods-available/mime.conf mime.load -> ../mods-available/mime.load negotiation.conf -> ../mods-available/negotiation.conf negotiation.load -> ../mods-available/negotiation.load php5.conf -> ../mods-available/php5.conf php5.load -> ../mods-available/php5.load reqtimeout.conf -> ../mods-available/reqtimeout.conf reqtimeout.load -> ../mods-available/reqtimeout.load setenvif.conf -> ../mods-available/setenvif.conf setenvif.load -> ../mods-available/setenvif.load status.conf -> ../mods-available/status.conf status.load -> ../mods-available/status.load
-
BonifatiusK over 10 yearsthanks, the error 500 is gone, 'I do get You don't have permission to access / on this server.' I take it that would be the htaccess generating that?
-
Artem P over 8 yearsOnly
Limit
needed. -
Hokascha almost 7 yearsAlso keep in mind to add the AuthConfig configuration to both SSL and non-SSL apache config files in case you have them seperated.