40

I created an .htaccess file with only the following line:

Options -Indexes

However, the index is still shown for the directory.

I just installed Apache2 and am using all the defaults (I did not modify apache2.conf or httpd.conf).

OS: Ubuntu 12.04 (Precise Pangolin)
Apache2 version: Server version: Apache/2.2.22 (Ubuntu) Server built: Feb 13 2012 01:51:56

$ ls -l .htaccess
-rwxr-xr-x .htaccess

EDIT:

I took lanzz's advice and added gibberish to the .htaccess file, and discovered that the .htaccess file is not being read.

Rob Bednark
  • 25,981
  • 23
  • 80
  • 125
  • 4
    Try to place a line of gibberish in the .htaccess and see if you're getting internal server errors when accessing your site. If you're not getting errors, your .htaccess is not being read at all. – lanzz May 26 '12 at 21:22
  • 1
    What about just `Options -Indexes`? – Evan Mulawski May 26 '12 at 21:22
  • 3
    Do you have `AllowOverride All` set in your httpd.conf? – Ansari May 26 '12 at 21:23
  • 1
    @Ansari: The OP is using the defaults, which, according to http://httpd.apache.org/docs/2.0/mod/core.html, is on `All` by default. – Evan Mulawski May 26 '12 at 21:24
  • 1
    Tried a line of gibberish in the .htaccess and no errors in error.log, so apparently .htaccess is not being read at all. So why isn't the .htaccess file being read? – Rob Bednark May 26 '12 at 21:41
  • @RobBednark That's typically a symptom of the htaccess file not being read at all, which means the `AllowOverride` directive is not set to `All` – Chris Henry May 26 '12 at 21:46

8 Answers8

57

You should check that the Apache config allows for the .htaccess to be executed. In your virtualhost config, there should be a line:

AllowOverride All

If there isn't, that's why the .htaccess isn't taking effect.

Chris Henry
  • 11,914
  • 3
  • 30
  • 31
  • 2
    The OP is using the defaults, which, according to http://httpd.apache.org/docs/2.0/mod/core.html, is on `All` by default. – Evan Mulawski May 26 '12 at 21:24
  • 2
    Is `httpd.conf` the virtualhost config by default? It is empty. I added `AllowOverride All` and restarted Apache, but it gave the error `AllowOverride not allowed here`. – Rob Bednark May 26 '12 at 22:08
  • Evan, i just encountered a situation where it was not All by default, so this comment was actually helpful. – deweydb Aug 07 '13 at 16:15
  • 5
    Reminder: this directive also needs to inside your section of your VirtualHost. Solved my problem. – James John McGuire 'Jahmic' Sep 13 '13 at 14:18
  • As with the usual changes between versions, looking through the configs in Apache 2.4, I found this directive was set by default to `None` in `/etc/apache2/apache2.conf` between the preset ` ... ` lines, rather than in the VirtualHost section of `000-default.conf`. – depwl9992 Dec 04 '13 at 16:44
  • 4
    Note: Apache's defaults are not Ubuntu's defaults, for better or worse. Ubuntu has AllowOverride set to None, stopping .htaccess from working (they're trying to encourage good practices, .htaccess is bad for various reasons) – Twirrim Dec 22 '13 at 22:52
30

To get this working, I added the following to /etc/apache2/httpd.conf (which is a zero-length file by default when Apache is installed) and then restarted Apache. Now Options -Indexes in the .htaccess file works as desired. Here is the bare minimum required to get it to work:

/etc/apache2/httpd.conf :

<VirtualHost *:80>
        DocumentRoot /var/www
        <Directory / >
        </Directory>
</VirtualHost>

lanzz's suggestion to add a line of gibberish to the .htaccess file to see if it was being read was helpful in diagnosing the problem.

Note that AllowOveride defaults to All, per Evan Mulawski's comment, so it's not required in the minimal set of httpd.conf lines above.

Community
  • 1
  • 1
Rob Bednark
  • 25,981
  • 23
  • 80
  • 125
  • 5
    Editing the `httpd.conf` on Ubuntu is discouraged; in fact that file has gone away as of 13.10. Instead, the preferred way to do things is to put your VirtualHost configuration in a .conf file in `/etc/apace2/sites-available` and enable it with `a2ensite mysite.conf`. Sites can then be easily disabled as well: `a2dissite mysite.conf`. (Note that ".conf" is now required as of 13.10 on VirtualHost config files.) – JoBu1324 Oct 22 '13 at 21:55
  • In fact, Ubuntu has all kinds of easy to use apache [management tweaks](https://help.ubuntu.com/13.04/serverguide/httpd.html) to make life easier. – JoBu1324 Oct 22 '13 at 21:57
  • this answer is helpful: https://stackoverflow.com/questions/18740419/how-to-set-allowoverride-all – Mahdi Aslami Khavari Apr 04 '22 at 12:27
16

I had the same problem. I was using a virtual host so I modified httpd-vhosts.conf so if you are using one this could help

Where you configure your host reference the directory tag to be the same as your document root

<VirtualHost *:8080>
ServerName somelocalserver
DocumentRoot "C:/Websites/htdocs/yoursite"
<Directory "C:/Websites/htdocs/yoursite">
    Options FollowSymLinks
    AllowOverride All
</Directory>

I needed AllowOverride All to recognize the .htaccess file.

Edit

I also needed to add the path to the site root in the directory tag itself. i.e. <Directory "C:/Websites/htdocs/yoursite">. This was the default in the samples I used.

Issa
  • 321
  • 2
  • 6
  • This worked for me as well. This started happening on a vhost that's been working fine for years after I added some new vhosts, have no idea why though... – Magnus Apr 04 '17 at 07:51
11

As there's no httpd.conf file anymore, what you need to do on a VPS is:

  1. Go to /etc/apache2/sites-enabled/
  2. Do ls to find the file for the website you're looking for
  3. Edit the corresponding file with nano THE_CONF_FILE or with whatever editor you'd like
  4. Change all AllowOverride None values that you see in different <Directory> ... </Directory>s to AllowOverride All

  5. Save the file and close it

  6. Now you need to enable module rewrite by running the command:sudo a2enmod rewrite

  7. And finally to activate the new configuration, you need to run: service apache2 restart

It'll work like a charm now!

Neeku
  • 3,646
  • 8
  • 33
  • 43
  • 6
    +1 for `sudo a2enmod rewrite`. I spent about 10 minutes littering my `apache2.conf`, `sites-enabled/default.conf`, and `conf-enabled/*.conf` with `AllowOverride All` and couldn't for the life of me figure out that mod_rewrite wasn't enabled. – stevendesu Aug 26 '15 at 22:39
  • The files in sites-enabled are symlinks to the files in sites-available. A more correct approach is therefore to edit the latter, not the former. – Rich Harding Oct 21 '20 at 14:28
  • Just this: sudo a2enmod rewrite – Neri Jul 09 '21 at 19:54
5

In case you have 

AllowOverride None

Change that to:

AllowOverride All

in your httpd.conf or in your default virtualhost file in in /etc/apache2/sites-available/...conf

Timothy
  • 4,198
  • 6
  • 49
  • 59
3

I solved this problem on RHEL by editing file /etc/http/conf/httpd.conf I changed all 

AllowOverride None

To

AllowOverride All

Also you can check httpd.conf AllowOverride by following command on RHEL

grep -i AllowOverride /etc/conf/conf/httpd.conf
Shehzad Nizamani
  • 2,127
  • 1
  • 13
  • 17
1

Also, beside changing AllowOverride All to the vhost configuration file, you may also need to add the following at the beginning of the .htaccess file:

RewriteEngine On
RewriteBase /

Otherwise may still not detecting the rewrites or redirects.

jgtdesign
  • 11
  • 2
0

One more reason one's htaccess file is not being read is an existing htaccess enforces a HTTPS 301 redirect that the browser then caches which can be a problem if virtual hosts are not configured correctly. Full explanation below.

If one is setting up a virtual host in Apache and XAMPP for example, the first time you fire up the URL of your virtual host, if you have an existing htaccess file with a HTTPS 301 redirect, your browser will get redirected to the HTTPS version of your virtual host. But there's a potential problem. If you haven't explicitly set up a *:433 virtual host for the domain in question, in your Apache vhosts config file, Apache will default to using the first virtual host listed.

Depending on the contents of this default virtual host it may be impossible to distinguish what is happening, and user will maddeningly try to determine why changes to the htaccess file are no longer being processed.

Once you determine what is happening, the workaround is to disable any HTTPS redirects and reboot and try again without HTTPS. The real solution is to complete a full virtual host 443 setup with certificate.

Justin Reinhart
  • 11
  • 2