I have following directory layout:
/var/www/
example.com/
logs/
html/
stuff/
Apache is configured to normally serve from /var/www/example.com/html
I have configured webdav to work for the url https://example.com/server-admin
and allow access to the other dirs, too:
<VirtualHost>
...
Alias /server-admin /var/www/example.com/
<Location /server-admin >
Dav on
AllowOverride None
...
With AllowOverride None
I want to disable htaccess files so they don't break webdav operation.
This kind of works. But: if I upload an syntactically broken htaccess file everything falls apart with an 500 internal server error. I guess even so the file is not used, apache still parses it.
So I tried using AccessFilename .davaccess
to change it so some other name, which kind of works, but not in <Location>
but only globally in <VirtualHost>
.
So what to do? How to I disable htaccess in a <Location>
or how do I have to change layout in order for this to work?
Best Answer
You'll need to use a
<Directory>
container instead of a<Location>
container in order to apply theAllowOverride
directive. Whilst theAllowOverride
directive has "directory" context (meaning that it would ordinarily be permitted in both<Location>
and<Directory>
containers, etc.), there is a specific restriction that states:This would seem to be reasonable since
.htaccess
files apply to physical directories, not strictly URLs (although URLs often map to physical directories). (The<Directory>
container is also processed much earlier in the request.<Location>
containers are processed late.)Incidentally, you'd also need to set
AllowOverrideList None
on Apache 2.4 to completely disable.htaccess
files. And as per the docs forAllowOverride
:I don't currently see how
.htaccess
(per-directory config files) can be conditionally enabled for an area of the filesystem (under a single virtual host). They are either enabled or not.Reference:
UPDATE: The solution/workaround to this is probably to have a completely separate VirtualHost (maybe the same host, but different port?) just for WebDAV that points to the same area of the filesystem, in which
.htaccess
are completely disabled. However, dot-files (primarily.htaccess
and.htpasswd
) are also protected by default, so you would need to override this if required to allow read access.