Apache rewrite to remove index.php

I am on shared hosting without shell access. How can I enable “occ maintenance:update:htaccess” or add the rewrite rule manually to the .htaccess file? I have confirmed that mod_end and mod_rewrite are enabled on the server.
I already had some issues where the links with index.php became invalid and vice versa. I want both to be working since I already shared some files with the “index.php” in the url.

I tried just adding this to .htaccess but it does not work. I get an “The webpage cannot be found” error:

RewriteRule ^index.php/(.*) $1 [L]

Try with everything below that line from the post above with the full .htaccess


I recently had a bugger of a time trying to get a variety of open source php projects running together on a new test server that I built where I was using php-fpm. I couldn’t work out why pages weren’t redirecting correctly.

As part of my diagnostic debug work I changed the Apache server config to use mod_php instead of php-fpm and lo and behold everything suddenly started working.

At this point I knew the problem was my php-fpm configuration.

Just putting in my 2 cents worth. Perhaps it might help to clearly identify the source of the problem.

Cheers, wizdude.

This helped solve my problem: https://serverfault.com/questions/450628/apache-2-4-php-fpm-proxypassmatch

1 Like

So I just upgraded to 10 without bringing across my htaccess file from the 9.0.52 installation and I noticed it’s already set and ready to go with the relevant rewritebase, presumably from the config file during the upgrade process.

Really pleased I didn’t have to potentially face the continuity issue again :slight_smile:

Hi, I’m with nextcloud 10. fresh installation. installed nc10 on /nextcloud. mod_env and mod_rewrite already enabled,and followed steps below:
sudo vim /var/www/nextcloud/config/config.php
Add ‘htaccess.RewriteBase’ => ‘/nextcloud’,
sudo -u www-data php occ maintenance:update:htaccess

I still can’t get rid of index.php ,why?

Leo, you need to give www-data write permission on .htaccess. I assume you’ve hardened your permissions, which would have revoked that permission. To fix it, ensure that root owns the file and that www-data is the group. Then run sudo chmod 0664 .htaccess. Then run occ again, and all will be fine.


I also have problem with removing index.php from address.
I do have correct permission on .htaccess, rewrite and env enabled
.there is no changes in .htaccess happening when running occ command…
out of ideas …


  • I’m running NC 10.0.1 on a shared CENTOS server (installed in webroot of the subdomain, PHP 5.6.21)
  • mod_rewrite and mod_env seem to be enabled.
  • my .htaccess file looks pretty much exactly like the one FredFS456 posted further above.
  • the permissions on the .htaccess file are 644 and the occ command updating .htaccess works.
  • my config.php file features these options related to rewrites and htaccess:

‘overwrite.cli.url’ => ‘https://nextcloud.mydomain.com’,
‘overwriteprotocol’ => ‘https’,
‘htaccess.RewriteBase’ => ‘/’,
‘overwritewebroot’ => ‘/’,
‘overwritehost’ => ‘nextcloud.mydomain.com’,
‘has_internet_connection’ => true,
‘check_for_working_htaccess’ => true,

Still the index.php part of the URL is always present (in login URLs, sharing link URLs…).
Other than that, Nextcloud works without any noticable problems.

when I go to nextcloud.mydomain.com,
the resulting URL is nextcloud.mydomain.com/index.php/login
nextcloud.mydomain.com/login works but I always get the URL with the index.php part.

Any ideas what’s causing this?

Thank you.

OK, I think I may have found an answer. In an old owncloud admin manual for 9.x I found this:

My shared hosting company does not use mode_php but only fastcgi. So I guess unless NC supports fastcgi for index.php-less URLs in the future, this will remain a dream for me.

1 Like

Any other options?
I’m also limited to CGI or fastCGI, but I really want to get rid of index.php in my URLs… :confused:
Or is there any official word when this feature is suspected to work with other php methods?

If you are using Apache you need to set the AllowOverwrite attribute for the Nextcloud folder to All - see https://docs.nextcloud.com/server/10/admin_manual/installation/source_installation.html#apache-web-server-configuration

This allows Apache to load the .htaccess file and overwrite the settings from the apache config with the values in this file.

As a user in shared hosting environment I don’t think I have the permission to change/edit these settings.
But I think Apache already loads the .htacess in my Nextcloud folder because the contents of that .htaccess file does have an effect, with this one notable exception: no pretty URLs without index.php.

same for me, unfortunately… :frowning:

@nani @nikolasdas if your setup is anything like mine (I’m on Gandi simple hosting) where I don’t have sudo, then here’s a solution if the .htaccess doesn’t update for some reason.

Beware that this works for Nextcloud 10 and might break in the future when paths are updated. So no guarantee. :slight_smile:

In addition to the addition of 'htaccess.RewriteBase' => '/', in the config.php, you have to paste this block at the end of your .htaccess. It’s the block which is inserted by the occ maintenance:update:htaccess command:
(Big thanks to @MorrisJobke for giving me the snippet! :tada:)

<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/test.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
1 Like

Thank you for sharing this, but the htaccess is not the problem. It gets updated correctly, but the rewrite doesn’t have any effect :confused:

Same here. My .htaccess looks exactly the same at the end as @jan’s.
Probably won’t work unless the pretty URL-rewrite part is going to be compatible with fastCGI in a shared hosting environment (i.e. no root access/permissions).
Given the number of other issues open at Github, I understand it’s not a priority issue and probably won’t be dealt with anytime soon, if ever. So there’s little hope.

@nikolasdas @Armando_Valencia

Finally, by accident, I seem to have solved this issue: I’ve included 'htaccess.IgnoreFrontController' => true in my config.php.
Then updated the .htaccess file in my web root folder using ./occ maintenance:update:htaccess
That seems to do the trick. Don’t know if it’ll work on your system though (my setup = NC 12.0.1 on a shared CENTOS server, PHP 7). Good luck!

1 Like

In my case (Nextcloud 10.0.1 on Ubuntu 16.04), this will cause 2 error messages in the admin settings:

  • The “X-Content-Type-Options” HTTP header is not configured to equal to “nosniff”. This is a potential security or privacy risk and we recommend adjusting this setting.
  • The “X-Frame-Options” HTTP header is not configured to equal to “SAMEORIGIN”. This is a potential security or privacy risk and we recommend adjusting this setting.

I’ve changed it in .htacces manually to

<IfModule mod_env.c>
    # Add security and privacy related headers
    Header always set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    SetEnv modHeadersAvailable true

(“Header always set…” instead of “Header set…”)

@jan, if i run the command

sudo -u www-data php occ maintenance:update:htaccess

the corrections in .htaccess will be overwritten and those 2 error messages will appear again :frowning:

My Apache config was a little bit too restrictive, after removing

Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff

the manual intervention of .htaccess was no more necessary.

But THX, anyway!


A run Nextcloud on Debian and Apache 2.4.10. I upgrades from Nextcloud 10.0.1 to 11.0 yesterday. Before my url was https://cloud.mydomain.com/apps/files/ but now it is https://cloud.mydomain.com/index.php/apps/files/.

Both these modules are enabled
a2enmod rewrite
Enabling module rewrite.

a2enmod env
Module env already enabled

And I have this in my config.php
’htaccess.RewriteBase’ => ‘/’,

Then I am not able to execute the following command
sudo -u www-data php occ maintenance:update:htaccess
Error updating .htaccess file, not enough permissions?

www-data owns the file and should be able to write to it
chown www-data:www-data .htaccess

sudo -u www-data php occ maintenance:update:htaccess
Error updating .htaccess file, not enough permissions?

Anyone having any ideas why this happens?