RSS

Apache mod_rewrite frustration

Dear lazyweb, I’m having severe issues with Apache’s mod_rewrite on my VPS. I’m pretty sure what I want to do is doable, but I can’t figure out the rewrite rules to allow it.

In my httpd.conf I have something similar to this:


<IfModule mod_dav.c>
LimitXMLRequestBody 131072
DavLockDB /var/dav/DavLock

Alias /dav "/home/user/dav"
#<Directory /home/user/dav>
<Location /dav>
Dav On
Options +Indexes
IndexOptions FancyIndexing
AddDefaultCharset UTF-8
AuthType Basic
AuthName "Private"
AuthUserFile /home/user/dav.passwd
Require valid-user
</Location>
#</Directory>
</IfModule>

This worked fine when the root of the site had nothing but a simple index.html in it. Now I’ve got Drupal7 installed, so it does all the fancy mod_rewrite stuff to get the clean urls, etc. And now when I go to https://site/dav, Drupal is answering and saying “no such directory”. If I have /home/user/dav for the private WebDAV share, I’m using /home/user/public_html/ for the accessible web site (I do this to prevent any accidental exposure to those data files). Incidentally I tried with both <Location> and <Directory> and it makes no difference.

The .htaccess in /home/user/public_html/ looks like this (just the important bits):


<IfModule mod_rewrite.c>
RewriteEngine on

RewriteRule ^/dav(/.*)$ /dav/$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

</IfModule>

I’ve tried a number of variations (the above is my latest try). Also tried things like:


RewriteCond %{REQUEST_URI} !^/dav

With and without the extra .* bits, etc.

I am literally tearing my hear out here. Does anyone have any idea what I’m doing wrong? I basically want it to go “hey, you want /dav? ok, I won’t rewrite anything and you can have it) and have /dav/[whatever] loaded requiring auth to access. Something in the mod_rewrite is killing it, and I suspect it might have to do with Alias. Maybe all this stuff needs to be in httpd.conf instead of .htaccess?

6 Comments
May 5, 2012
By Linux Tags: ,

6 Comments

  1. Stefan

    I’m not sure what will work (you probably need to set the RewriteBase), but you should also avoid loops.

    RewriteEngine on
    RewriteBase /dav
    RewriteCond %{REQUEST_URI} !=/index.php
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !=/favicon.ico
    RewriteRule ^(.*)$ /index.php?q=$1 [L,QSA]

    Oh, AFAIK it doesn’t need to be in httpd.conf for it to work. :)

    May 05, 2012 @ 20:52:04

  2. dmaphy

    Something like this should do the job and just not rewrite anything:

    RewriteRule ^/dav – [L]

    If I remember it correctly, the rule needs to be placed before any other RewriteRule.

    May 06, 2012 @ 01:34:30

  3. Alexander E. Patrakov

    Two things:

    1) You may want to rewrite /dav to “-” which means “don’t change the URL”

    2) You probably need the PT flag in the rewrite rule, because /dav is an alias.

    May 06, 2012 @ 02:28:35

  4. Jonas

    Hi,

    The URL rewrite pattern doesn’t look correct.

    RewriteRule ^/dav/?(.*)$ /dav/$1 [L,QSA,PT]

    The first change is just to cope with the missing slash case, that is probably just a minor issue if it is an issue at all..

    But the solution is the PT option I think…

    Good luck!

    May 06, 2012 @ 03:27:19

  5. vdanen

    Setting the RewriteBase to /dav works only for /, so anything like /page1 or /page2 is requesting auth (so maybe it’s trying to rewrite /page1 to /dav/page1? the only thing requiring auth is /dav).

    Using:

    RewriteRule ^/dav – [L,PT]

    doesn’t work either. /dav gets to Drupal’s page not found page. Also:

    RewriteRule ^/dav/?(.*)$ /dav/$1 [L,QSA,PT]

    doesn’t work. Normally I would say forget it and setup a subdomain (say dav.host.com) to get to it, but I have an SSL very host.com and want to get to the WebDAV via SSL (and since it’s on the same IP address, I’d get host-mismatch errors on the cert, which would probably break one or two of the programs I’m using).

    Thank you all for trying though! The closest I got was with the RewriteBase, but that’s almost too agressive.

    May 06, 2012 @ 08:27:34

  6. vdanen

    Ok, found the solution here:

    http://serverfault.com/questions/55323/disable-mod-rewrite-for-subdirectory

    After enabling some rewrite logging:


    RewriteLog /tmp/rewrite.log
    RewriteLogLevel 9

    I noticed that it was immediately trying to get a 401 error document, which meant that authorization was not working and was pretty much being bypassed altogether.

    The solution was to, in my httpd.conf, add:


    ErrorDocument 401 "Unauthorized Access"
    RewriteEngine off

    Before the various Dav/Auth options. Now everything works as expected. I also got rid of the Alias directive and moved /home/user/dav to /home/user/public_html/dav; not sure if that is necessarily required, but it seems to have made a difference.

    May 11, 2012 @ 15:05:09

Leave a Reply

*