# drupal 6.2 .htaccess/apache causing issues. [solved]

## XenoTerraCide

here's access to my /etc http://github.com/xenoterracide/etc/tree/master

right now this is a private testing server, but at some point I'll want to use the same config for a public one.

I can't see the drupal directory listing at all on my server. although I can see everything else in the directory (it's not the permissions).

This is the error that show's up in apache2's error_log

```
[Fri May 09 19:27:27 2008] [alert] [client 127.0.0.1] /home/xenoterracide/public_html/drupal/.htaccess: Options not allowed here
```

----------

## magic919

What Options are you using in htaccess then?

----------

## XenoTerraCide

just default drupal 6.2 

```

# Apache/PHP/Drupal settings:

#

# Protect files and directories from prying eyes.

<FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|

^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">

  Order allow,deny

</FilesMatch>

# Don't show directory listings for URLs which map to a directory.

Options -Indexes

# Follow symbolic links in this directory.

Options +FollowSymLinks

# Customized error messages.

ErrorDocument 404 /index.php

# Set the default handler.

DirectoryIndex index.php

# Override PHP settings. More in sites/default/settings.php

# but the following cannot be changed at runtime.

# PHP 4, Apache 1.

<IfModule mod_php4.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>

# PHP 4, Apache 2.

<IfModule sapi_apache2.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>

# PHP 5, Apache 1 and 2.

<IfModule mod_php5.c>

  php_value magic_quotes_gpc                0

  php_value register_globals                0

  php_value session.auto_start              0

  php_value mbstring.http_input             pass

  php_value mbstring.http_output            pass

  php_value mbstring.encoding_translation   0

</IfModule>

# Requires mod_expires to be enabled.

<IfModule mod_expires.c>

  # Enable expirations.

  ExpiresActive On

  # Cache all files for 2 weeks after access (A).

  ExpiresDefault A1209600

  # Do not cache dynamically generated pages.

  ExpiresByType text/html A1

</IfModule>

# Various rewrite rules.

<IfModule mod_rewrite.c>

  RewriteEngine on

  # If your site can be accessed both with and without the 'www.' prefix, you

  # can use one of the following settings to redirect users to your preferred

  # URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:

  #

  # To redirect all users to access the site WITH the 'www.' prefix,

  # (http://example.com/... will be redirected to http://www.example.com/...)

  # adapt and uncomment the following:

  # RewriteCond %{HTTP_HOST} ^example\.com$ [NC]

  # RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

  #

  # To redirect all users to access the site WITHOUT the 'www.' prefix,

  # (http://www.example.com/... will be redirected to http://example.com/...)

  # uncomment and adapt the following:

  # RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]

  # RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]

  # Modify the RewriteBase if you are using Drupal in a subdirectory or in a

  # VirtualDocumentRoot and the rewrite rules are not working properly.

  # For example if your site is at http://example.com/drupal uncomment and

  # modify the following line:

  # RewriteBase /drupal

  #

  # If your site is running in a VirtualDocumentRoot at http://example.com/,

  # uncomment the following line:

  # RewriteBase /

  # Rewrite URLs of the form 'index.php?q=x'.

  RewriteCond %{REQUEST_FILENAME} !-f

  RewriteCond %{REQUEST_FILENAME} !-d

  RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

</IfModule>

# $Id: .htaccess,v 1.90 2007/10/05 14:43:23 dries Exp $

```

I should probably note I didn't use portage to install drupal since I wanted it installed into my home directory.

mod edit: newline added to fix width issues --bunder

----------

## magic919

This is the 'Options' bit -

```

# Don't show directory listings for URLs which map to a directory.

Options -Indexes

# Follow symbolic links in this directory.

Options +FollowSymLinks 

```

That's where I'd start digging.

----------

## xces

AllowOverride isn't set correctly for the directory Drupal resides in...

----------

## cjubon

You have to add "Limit" to the "AllowOverride" directive for your drupal directory.

----------

## XenoTerraCide

modules.d/00_mod_userdir.conf

```
<Directory /home/*/public_html>

    AllowOverride FileInfo AuthConfig Limit Indexes

```

so I need more than that?

----------

## XenoTerraCide

technically put AllowOverride all fixes the error, but really that just seems like a bad security idea so I'd like to know more specifically what the issue is. fixing an error wrong can be just as bad as not fixing it.

----------

## cjubon

Sorry for the confusion, I didn't read carefully enough. Your error message is "OPTIONS not allowed here", it's not "ORDER not allowed here". It's only for the latter case that "AllowOverride Limit" should fix things.

In your case, it's the "Options -Indexes" and the "Options +FollowSymlinks" line in .htaccess that cause the problem. So you can either put them in a <Directory /home/xenoterracide/public_html/drupal> container within your /etc/apache2/modules.d/00_mod_userdir.conf instead, or add "Options" to the AllowOverride directive.

If you want it more specifically, you can use the syntax "AllowOverride Options=Indexes,FollowSymlinks".

Edit: BTW, for everything related to user directories, I'd prefer SymLinksIfOwnerMatch instead of FollowSymLinks if possible.

----------

## XenoTerraCide

I tried adding FollowSymlinks but apache says it isn't valid. (unless I entered it wrong).

----------

## cjubon

 *XenoTerraCide wrote:*   

> I tried adding FollowSymlinks but apache says it isn't valid. (unless I entered it wrong).
> 
> 

  Where, what?

```
<Directory /home/*/public_html>

    AllowOverride FileInfo AuthConfig Limit Indexes Options=FollowSymlinks
```

 doesn't work?

----------

## XenoTerraCide

hmm... I had tried this...

```

<Directory /home/*/public_html>

    AllowOverride FileInfo AuthConfig Limit Indexes FollowSymlinks

```

is an expansion of what I have atm but I had tried followsymlinks in the allowoveride line.

 *Quote:*   

> 
> 
> ```
> 
> <Directory /home/*/public_html>
> ...

 

seems to work  :Very Happy: . I guess I can mark this solved although I agree with the SymLinksIfOwnerMatch. I'm merely using default drupal settings. plus the original default gentoo apache settings.

drupal's solution is AllowOveride All which to me sounds like a bad idea even though I'm not sure what 'All' makes possible.

----------

