«

»

Dec 06

How to solve: Apache error .htaccess: ExpiresActive not allowed here, referrer: http://Technology.Bauzas.com/…

How to solve: Apache error .htaccess: ExpiresActive not allowed here, referrer: http://Technology.Bauzas.com/…

I turned on some .htaccess rules in order for the cache to perform faster but unfortunately it came with some unintended consequences: A bunch of 500 error pages and in the log files one of the errors was [Core:Alert] /../.htaccess: ExpiresActive not allowed here, referrer: http://Technology.Bauzas.com/…

The reason ExpiresActive is not allowed is because changing configuration settings via .htaccess files is disabled for security reasons by default. If you get an Internal Server Error screen shown on your browser (or 500 error page) and you have the message “htaccess: ExpiresActive  not allowed here” in your Apache error.log (ususally found at /var/log/apache2/error.log), you will need to enable support for it via the virtual host config file.

If you look at the manual and focus on the syntax you can identify the dependencies needed in order for ExpiresActive to work correctly: http://httpd.apache.org/docs/1.3/mod/mod_expires.html#expiresactive

Syntax: ExpiresActive On|Off
Context: server config, virtual host, directory, .htaccess
Override: Indexes
Status: Extension
Module: mod_expires

In order to use ExpiresActive in an .htaccess you need AllowOverride Indexes
Simply add or update the line AllowOverride to include Indexes to your Apache virtual host, the vhost configuration file should then look like

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride Indexes
    Order allow,deny
    allow from all
</Directory>

If you had other AllowOverride directives you only need to add the Indexes one. The order I think does not matter. Also, there is no need to add Allowoverride All instead of Indexes to your vhosts file. While it will also work as it allows ALL directives, you are exposing yourself to more than just rewriting URLs and could therefore be a security risk. Is like opening all the ports in your firewall vs just the one you need.

Enhanced by Zemanta

Leave a Reply

%d bloggers like this: