• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Upstream Apache directive blocking .htaccess file directives

Bod

Bod

New Pleskian
Server operating system version
Debian 12
Plesk version and microupdate number
Version 18.0.59 Update #2
I have a .htaccess file that uses the RewriteEngine but as soon as I set this to on, I get a 403 error.

This entry is in the /etc/apache2/apache2.conf file:

Code: 
<Directory /var/www/>
    <Files ~ (\.pl$)>
        SetHandler cgi-script
        Options ExecCGI
        allow from all
    </Files>
    AddHandler cgi-script .pl
    Options ExecCGI Indexes FollowSymLinks SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>

The error log shows Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions which doesn't make sense to me. In the conf file we are setting FollowSymLinks and SymLinksIfOwnerMatch so what are they being reported as being off?

I have restarted Apache after making the changes to the conf file.
Any suggestions what else I should be looking at?

I have limited knowledge of Apache so any feedback on the above directive would be appreciated as well as some help troubleshooting the .htaccess file :)
 
You'll for sure need to remove "FollowSymlinks" and only leave "SymLinksIfOwnerMatch", because by default symbolic links are only allowed for the same owner. If you have the normal "FollowSymlinks" in the statement, it will fail.

About the other entries: I do not know more. 403 is a permission issue. It could either result from the Handler (which might not exist) or it could be ModSecurity interfering with a request. It is also possible that the physical file permissions don't allow access.
 
Thanks Peter.

I am pretty sure it is not a permission error on the .htaccess file. Apache must be able to open it to generate the error it gives! Besides, if I take out the contents of the file and just leave a blank file, the 403 error goes. So it's what is in the file that is clashing with the upstream directives rather than the file itself.

I've taken out FollowSymlinks from the conf file as you suggested, but no change to the behaviour.
 
I didn't mean to say it's a permission issue with the .htaccess file, but that it could be an issue with the file permissions of files that are addressed by a request.
 
it could be an issue with the file permissions of files that are addressed by a request
Click to expand...
Could it as the files are correctly served when the .htaccess is removed/renamed?
 
We have still made no progress with this problem.
Has anyone else seen a similar issue? How did you solve it?
 
You must log in or register to reply here.

Similar threads

L
Question PHP-FPM served by Nginx vs. Apache (again)
Replies
2
Views
530
lema
L
brother4
Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?
Replies
1
Views
991
brother4
brother4
J
Issue Error: configuration files for the Apache web server were not created
Replies
1
Views
534
Raul A.
R
S
Issue htaccess header missing
Replies
1
Views
1K
SKDamon
S
T
Issue ModSecurity and bad gateway 500 nginx
Replies
3
Views
920
tomaszt
T
Back
Top