Apache: Access management via .htaccess not working

levi-jcbs

1/2/23, 1:39 PM

For a few hours now, I've been trying to create a working .htaccess file that forbids access to all files with the exception of a few files and folders.

But whenever I write Allow from all in my .htaccess file in a direct subdirectory of my root folder /srv/www/htdocs/, it just says "Server error!" the end. In the attachment I send you my current httpd.conf and `default-server.conf.

My system:

OS: openSUSE Tumbleweed x86_64 
Host: 20XXS00100 ThinkPad X1 Carbon Gen 9 
Kernel: 5.13.13-1-default 
Uptime: 12 hours, 14 mins 
Packages: 5771 (rpm), 8 (snap) 
Shell: bash 5.1.8 
Resolution: 1920x1200 
DE: Plasma 5.22.4 
WM: KWin 
Theme: Breeze Dark [Plasma], Breeze [GTK2/3] 
Icons: [Plasma], breeze-dark [GTK2/3] 
Terminal: konsole 
CPU: 11th Gen Intel i7-1165G7 (8) @ 4.700GHz 
GPU: Intel TigerLake-LP GT2 [Iris Xe Graphics] 
Memory: 5945MiB / 31820MiB

If you can help me with this, I would be very grateful!

default-server.conf: https://www.opensuse-forum.de/wcf/attachment/15371-default-server-conf-txt/

httpd.conf: https://www.opensuse-forum.de/wcf/attachment/15372-httpd-conf-txt/

1 + 5

.htaccess

apache-2.4

vidarlo

1/2/23, 1:46 PM

What does the log show? Whenever you see a server error message, check your logs.

João Alves

1/2/23, 1:56 PM

That config (`Allow from All`) is legacy and can only be used if "mod_access_compat" is loaded. Either convert the expression to new format `Require ...` or load the referred module.

MrWhite

1/2/23, 4:16 PM

How were you _blocking_ access in the parent(?) `.htaccess` file? (I would have assumed you'd get a similar response/error?)

levi-jcbs

1/3/23, 9:56 AM

@MrWhite No, there is no error in the parent directory.

MrWhite

1/3/23, 10:19 AM

Do you mind showing the contents of your root (parent) `.htaccess` file? As it stands, the most probable cause (and resolution) is as stated by João Alves above. Just to add, you should not mix old and new auth/access directives. On Apache 2.4 you should be using the new `Require` directives, but you must convert _all_ instances to the new version. The server config you posted encloses all the auth directives in conditionals so both "work" without error.

Score:1

Server

levi-jcbs

1/3/23, 11:44 AM

I have to use the "Require" directive, then it works.

Thanks to @MrWhite

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Apache: Access management via .htaccess not working

TH: Apache: การจัดการการเข้าถึงผ่าน .htaccess ไม่ทำงาน

RO: Apache: gestionarea accesului prin .htaccess nu funcționează

RU: Apache: управление доступом через .htaccess не работает

VI: Apache: Quản lý truy cập qua .htaccess không hoạt động

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.