0

I run a hosting service for student at my our faculty. We run PHP with suPHP and for security we need symlinks to be set to "SymLinksIfOwnerMatch".

This has the very unfortunate error that if people have htaccess "Options FollowSymLinks" or "Options None" they will receive an internal server error.

This is a huge problem since most dristributions of OSS-software for PHP has this included in their htaccess by default (Wordpress, Drupal, Joomla and many others), and most guides in htaccess-rules always recommend "FollowSymLinks" since it's needed for mod_rewrite - it does work just as well with SymLinksIfOwnerMatch.

Does anyone have this same issue, and do anyone know how to conquer it? I was hoping to make Apache ignore Options completely. Our default ones are completely sufficient.

Eddy Freddy
  • 1,820
  • 1
  • 13
  • 18
Flemming005
  • 1

1 Answers1

2

You want to set AllowOverride in your main config file.

If you want to turn off all use of .htaccess set

AllowOverride None

If you just want to prevent students from using Options then this should do it:

AllowOVerride AuthConfig FileInfo Indexes Limit
ObscureRobot
  • 7,306
  • 2
  • 27
  • 36
  • Thanks for you answer! Well my use case is a bit special since I want to make it more transparant for our users. Our Options are the only one needed so I ought to set "AllowOverride None". The problem is that this makes very non-descriptive internal server errors, and most scripts sets options. Thus I would like for Apache2 just to ignore them as if they were not present. – Flemming005 Oct 24 '11 at 07:53