Why does not htaccess work on localhost?

0
votes

I took these steps:

  1. Enabled LoadModule rewrite_module modules/mod_rewrite.so in httpd.conf
  2. Created .htaccess file with "deny from all" and a blank line
  3. Restarted Apache 2.4

However, when I go to the folder containing this .htaccess (localhost/upload/), I see other files in it:

Index of /upload/

Parent Directory

... list goes on

What is wrong with that and how can I fix it?

EDIT

This is how .htaccess looks like now:

<Directory />
    AllowOverride All
    Deny from all
</Directory>

And this line was uncommented in httpd.conf

LoadModule rewrite_module modules/mod_rewrite.so

All the rest was left unchanged and default.

1
apache.htaccessmod-rewrite
You forgot to tell your host to interpret .htaccess style files. Take a look at apaches AllowOverride command. - arkascha
Also you want to think about if you really need to use .htaccess style files. Why don't you place your commands in the host configuration instead? .htaccess style files are notoriously error prone and unreliable, they are hard to debug and really slow the server down. They are only offered for those users who do not have control over the host configuration (as it often is the case with cheap web space providers). - arkascha
I tried dozens different commands in .htaccess, but none of them works - Jacobian
Did you even bother to read what I wrote in my first comment? - arkascha
Not only I read, I even tried to use it, but in vain. Probably, you mean something really subtle, that should be followed along dot by dot. So, if you could elaborate on this, that would be helpful. - Jacobian

1 Answers

3
votes

As discussed above in the comments you first need to enable the interpretation of those .htaccess style files. Before you do that they are simply ignored.

For that apache offers the command AllowOverride. Place it inside the <Directory ...> section of your host configuration which defines the rules you want to have applied to the location where you want those files to be interpreted. So something like: 

Listen 80
<VirtualHost *:80>
    ServerName www.example.org
    DocumentRoot "/var/www/documents"
    <Directory "/var/www/documents">
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Your .htaccess style file need that content: 

Order deny,allow
Deny from all

That should work, as far as I can say without trying it now myself. Anyhow you really should start monitoring your http servers error log file (also as already written above in the comments). It allows you to understand what is wrong with your setup, for example in case of syntax errors. The typical location of that log file is something like /var/log/apache2/error.log, but it might vary, depending on your setup again. Look for the CustomLog command in your apache configuration which defines the location of that log file.

I would like to repeat my second comment here however:

You want to think about if you really need to use .htaccess style files. Why don't you place your commands in the host configuration instead? .htaccess style files are notoriously error prone and unreliable, they are hard to debug and really slow the server down. They are only offered for those users who do not have control over the host configuration (as it often is the case with cheap web space providers).

You can achieve the same result without any .htaccess style file by adding another <Directory ...> command to your host definition: 

Listen 80
<VirtualHost *:80>
    ServerName www.example.org
    DocumentRoot "/var/www/documents"

    <Directory "/var/www/documents">
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    <Directory "/var/www/documents/protected/area">
        AllowOverride All
        Order deny,allow
        Deny from all
    </Directory>
</VirtualHost>