43

I am using a Lamp server on my computer. I started to use Laravel php framework. In my .htaccess , If I use Options +FollowSymLinks , I get 500 error. And If I comment out , I have to use index.php in my all addresses ..example:

 /~ytsejam/blog/public/index.php/login

I use Arch Linux . Is there a way to solve it?

edit: I solved this by using virtual hosts. And deleting index.php from application/config/application.php in laravel folder.

Amit Kumar PRO
  • 1,222
  • 2
  • 15
  • 27
ytsejam
  • 3,291
  • 7
  • 39
  • 69
  • 1
    Well, server log says what about the 500s? –  Aug 25 '12 at 07:23
  • Server error! The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script. – ytsejam Aug 25 '12 at 07:25
  • [Sat Aug 25 10:23:33 2012] [alert] [client ::1] /home/ytsejam/public_html/blog/public/.htaccess: Options not allowed here – ytsejam Aug 25 '12 at 07:28

3 Answers3

20

You might try searching the internet for ".htaccess Options not allowed here".

A suggestion I found (using google) is:

Check to make sure that your httpd.conf file has AllowOverride All.

A .htaccess file that works for me on Mint Linux (placed in the Laravel /public folder):

# Apache configuration file
# http://httpd.apache.org/docs/2.2/mod/quickreference.html

# Turning on the rewrite engine is necessary for the following rules and
# features. "+FollowSymLinks" must be enabled for this to work symbolically.

<IfModule mod_rewrite.c>
    Options +FollowSymLinks
    RewriteEngine On
</IfModule>

# For all files not found in the file system, reroute the request to the
# "index.php" front controller, keeping the query string intact

<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

Hope this helps you. Otherwise you could ask a question on the Laravel forum (http://forums.laravel.com/), there are some really helpful people hanging around there.

Hendrik Jan
  • 4,396
  • 8
  • 39
  • 75
10

Parameter Options FollowSymLinks enables you to have a symlink in your webroot pointing to some other file/dir. With this disabled, Apache will refuse to follow such symlink. More secure Options SymLinksIfOwnerMatch can be used instead - this will allow you to link only to other files which you do own.

If you use Options directive in .htaccess with parameter which has been forbidden in main Apache config, server will return HTTP 500 error code.

Allowed .htaccess options are defined by directive AllowOverride in the main Apache config file. To allow symlinks, this directive need to be set to All or Options.

Besides allowing use of symlinks, this directive is also needed to enable mod_rewrite in .htaccess context. But for this, also the more secure SymLinksIfOwnerMatch option can be used.

Marki555
  • 6,434
  • 3
  • 37
  • 59
  • 1
    Do you know *why* it is needed for `mod_rewrite` in .htaccess files? I have seen that qualification in the docs, but no explanation other than "security reasons"... – jwd Jun 09 '16 at 17:28
  • Yes, it is for security - controlling user's usage of `mod_rewrite` though `.htaccess` files. Better would be if it had separate parameter, but maybe Apache modules can't introduce new parameters for `AllowOverride`, so they have chosen one of the existing ones... – Marki555 Jun 09 '16 at 18:58
  • 1
    I guess my question, put another way, was: What could a malicious person do, which this additional `AllowOverride` requirement prevents? I don't see what it actually buys you... – jwd Jun 13 '16 at 22:59
  • Oh! You saved my day. This is working. `Options SymLinksIfOwnerMatch` – codewitharefin Sep 29 '20 at 10:01
8

How does the server know that it should pull image.png from the /pictures folder when you visit the website and browse to the /system/files/images folder in your web browser? A so-called symbolic link is the guy that is responsible for this behavior. Somewhere in your system, there is a symlink that tells your server "If a visitor requests /system/files/images/image.png then show him /pictures/image.png."

And what is the role of the FollowSymLinks setting in this?

FollowSymLinks relates to server security. When dealing with web servers, you can't just leave things undefined. You have to tell who has access to what. The FollowSymLinks setting tells your server whether it should or should not follow symlinks. In other words, if FollowSymLinks was disabled in our case, browsing to the /system/files/images/image.png file would return depending on other settings either the 403 (access forbidden) or 404 (not found) error.

http://www.maxi-pedia.com/FollowSymLinks

Albuquerque Web Design
  • 413
  • 7
  • 16